public unsafe int GetICMPPart(int CurrentPtr, int PacketSize)
{
byte * ptr = ( byte * )CurrentPtr;
int Size = 0;
byte b;
ushort val = 0;
int i = 0;
b = *(ptr++);
PIcmp.Type = b;
b = *(ptr++);
PIcmp.Code = b;
val = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PIcmp.Checksum = val;
val = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PIcmp.Identifier = val;
val = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PIcmp.SequenceNumber = val;
Size = PacketSize - PACKET_ETHERNET_LENGTH - PACKET_INTERNET_LENGTH - PACKET_ICMP_LENGTH;
PIcmp.Data = new byte[Size];
for (i = 0; i < Size; i++)
{
PIcmp.Data[i] = *(ptr++);
}
return(CurrentPtr + Size + PACKET_ICMP_LENGTH);
}
public unsafe int GetPNBSSPart(int CurrentPtr)
{
byte * ptr = ( byte * )CurrentPtr;
byte b = 0;
ushort u = 0;
b = *(ptr);
PNBSessionService.MessageType = b;
b = *(ptr + 1);
PNBSessionService.Flags = b;
u = AllFunctions.Get2Bytes(ptr + 2, NORMAL);
PNBSessionService.Length = u;
return(CurrentPtr + PACKET_NETBIOS_SESSION_SERVICE_LENGTH);
}
unsafe public int GetTCPPart(int CurrentPtr)
{
ushort u = 0;
uint ui = 0;
byte b = 0;
ushort *usptr = ( ushort * )CurrentPtr;
uint * uiptr = ( uint * )CurrentPtr;
byte * ptr = ( byte * )CurrentPtr;
u = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PTcp.SourcePort = u;
PTcp.SourcePortStr = GetPortStr((int)u);
u = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PTcp.DestinationPort = u;
PTcp.DestinationPortStr = GetPortStr((int)u);
ui = AllFunctions.Get4Bytes(ptr, NORMAL); ptr += 4;
PTcp.SequenceNumber = ui; // ?
ui = AllFunctions.Get4Bytes(ptr, NORMAL); ptr += 4;
PTcp.Acknowledgement = ui;
b = *(ptr++);
PTcp.HeaderLength = (byte)(((int)b >> 4) * 4);
b = *(ptr++);
PTcp.Falgs = b;
PTcp.FalgsStr = GetTCPFLAGSStr(b);
u = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PTcp.WindowSize = u;
u = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PTcp.Checksum = u;
u = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PTcp.Options = u;
return(CurrentPtr + PACKET_TCP_LENGTH);
}
public unsafe int GetUDPPart(int CurrentPtr)
{
byte * ptr = ( byte * )CurrentPtr;
ushort u = 0;
u = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PUdp.SourcePort = u;
PUdp.SourcePortStr = GetPortStr((int)u);
u = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PUdp.DestinationPort = u;
PUdp.DestinationPortStr = GetPortStr((int)u);
u = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PUdp.Length = u;
u = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PUdp.Checksum = u;
return(CurrentPtr + PACKET_UDP_LENGTH);
}
unsafe public int GetINTERNETPart(int CurrentPtr)
{
byte b = 0;
ushort us = 0;
byte * ptr = ( byte * )CurrentPtr;
ushort *usptr = ( ushort * )CurrentPtr;
b = *(ptr++);
PInternet.Version = (byte)((int)b >> 4);
PInternet.HeaderLength = (byte)(((int)b & 0x0f) * 4);
b = *(ptr++);
PInternet.DifferentiatedServicesField = b;
PInternet.DifferentiatedServicesFieldStr = "";
if ((b & 0x0d) > 0)
{
PInternet.DifferentiatedServicesFieldStr += "Differentiated Services Codepoint ( Default : 0x00 ),";
}
if ((b & 0x02) > 0)
{
PInternet.DifferentiatedServicesFieldStr += "ECN Capable Transport ( ECT ),";
}
if ((b & 0x01) > 0)
{
PInternet.DifferentiatedServicesFieldStr += "ECN-CE,";
}
if (PInternet.DifferentiatedServicesFieldStr != "")
{
PInternet.DifferentiatedServicesFieldStr = PInternet.DifferentiatedServicesFieldStr.Substring(0, PInternet.DifferentiatedServicesFieldStr.Length - 1);
}
us = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PInternet.Length = us;
us = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PInternet.Identification = us;
us = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PInternet.Flags = (byte)((int)us >> 12);
if ((PInternet.Flags & 0x04) > 0)
{
PInternet.FlagsStr = "Dont fragment";
}
if ((PInternet.Flags & 0x02) > 0)
{
PInternet.FlagsStr = "More fragments";
}
PInternet.FragmentOffset = (ushort)((int)us & 0x0f);
b = *(ptr++);
PInternet.TimeToLive = b;
b = *(ptr++);
PInternet.Protocol = b;
PInternet.ProtocolStr = GetProtocolStr((int)b);
us = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PInternet.HeaderChecksum = us;
PInternet.SourceStr = "";
b = *(ptr++);
PInternet.SourceStr += b.ToString() + ".";
b = *(ptr++);
PInternet.SourceStr += b.ToString() + ".";
b = *(ptr++);
PInternet.SourceStr += b.ToString() + ".";
b = *(ptr++);
PInternet.SourceStr += b.ToString();
PInternet.Source = (uint)AllFunctions.IpAddressToInt(PInternet.SourceStr);
PInternet.DestinationStr = "";
b = *(ptr++);
PInternet.DestinationStr += b.ToString() + ".";
b = *(ptr++);
PInternet.DestinationStr += b.ToString() + ".";
b = *(ptr++);
PInternet.DestinationStr += b.ToString() + ".";
b = *(ptr++);
PInternet.DestinationStr += b.ToString();
PInternet.Destination = (uint)AllFunctions.IpAddressToInt(PInternet.DestinationStr);
return(CurrentPtr + PACKET_INTERNET_LENGTH);
}
unsafe public int GetEIGRPPart(int CurrentPtr)
{
byte * ptr = ( byte * )CurrentPtr;
ushort u = 0;
uint ui = 0;
byte b = 0;
b = *(ptr++);
PEigrp.Version = b;
b = *(ptr++);
PEigrp.OpCode = b;
u = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PEigrp.Checksum = u;
ui = AllFunctions.Get4Bytes(ptr, NORMAL); ptr += 4;
PEigrp.Flags = ui;
ui = AllFunctions.Get4Bytes(ptr, NORMAL); ptr += 4;
PEigrp.Sequence = ui;
ui = AllFunctions.Get4Bytes(ptr, NORMAL); ptr += 4;
PEigrp.Acknowledge = ui;
ui = AllFunctions.Get4Bytes(ptr, NORMAL); ptr += 4;
PEigrp.AutonomousSystem = ui;
u = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PEigrp.Parameters.Type = u;
u = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PEigrp.Parameters.Size = u;
b = *(ptr++);
PEigrp.Parameters.K1 = b;
b = *(ptr++);
PEigrp.Parameters.K2 = b;
b = *(ptr++);
PEigrp.Parameters.K3 = b;
b = *(ptr++);
PEigrp.Parameters.K4 = b;
b = *(ptr++);
PEigrp.Parameters.K5 = b;
b = *(ptr++);
PEigrp.Parameters.Reserved = b;
u = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PEigrp.Parameters.HoldTime = u;
u = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PEigrp.Software.Type = u;
u = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PEigrp.Software.Size = u;
b = *(ptr++);
PEigrp.Software.IOS = b.ToString() + ".";
b = *(ptr++);
PEigrp.Software.IOS += b.ToString();
b = *(ptr++);
PEigrp.Software.EigrpRelease = b.ToString() + ".";
b = *(ptr++);
PEigrp.Software.EigrpRelease += b.ToString();
return(CurrentPtr + PACKET_EIGRP_LENGTH);
}
public unsafe void GetSMBPart(int CurrentPtr)
{
byte * ptr = ( byte * )CurrentPtr;
byte b = 0;
ushort u = 0;
int i = 0;
PSmbHeader.ServerComponent = ""; ptr++;
PSmbHeader.ServerComponent += (char)*(ptr++);
PSmbHeader.ServerComponent += (char)*(ptr++);
PSmbHeader.ServerComponent += (char)*(ptr++);
b = *(ptr++);
PSmbHeader.Command = b;
b = *(ptr++);
PSmbHeader.ErrorClass = b;
b = *(ptr++);
PSmbHeader.Reserved1 = b;
u = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PSmbHeader.ErrorCode = u;
b = *(ptr++);
PSmbHeader.Flags = b;
u = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PSmbHeader.Flags2 = u;
PSmbHeader.Reserved2 = new byte[12];
for (i = 0; i < 12; i++)
{
PSmbHeader.Reserved2[i] = *(ptr++);
}
u = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PSmbHeader.TreeId = u;
u = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PSmbHeader.ProcessId = u;
u = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PSmbHeader.UserId = u;
u = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PSmbHeader.MultiplexId = u;
if (PSmbHeader.Command == 0x0d)
{
PSmbBody.WordCount = *(ptr++);
PSmbBody.ByteCount = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
if (PSmbBody.ByteCount > 0)
{
PSsmbRequest.OriginatorBufferFormat = *(ptr++);
i = 0;
PSsmbRequest.OriginatorName = "";
while (*(ptr++) != 0)
{
PSsmbRequest.OriginatorName += (char)*(ptr);
}
ptr++;
PSsmbRequest.DestinationBufferFormat = *(ptr++);
PSsmbRequest.DestinationName = "";
while (*(ptr++) != 0)
{
PSsmbRequest.DestinationName += (char)*(ptr);
}
ptr++;
PSsmbRequest.MessageBufferFormat = *(ptr++);
PSsmbRequest.MessageLen = AllFunctions.Get2Bytes(ptr, NORMAL); ptr += 2;
PSsmbRequest.Message = "";
for (i = 0; i < PSsmbRequest.MessageLen; i++)
{
PSsmbRequest.Message += (char)*(ptr++);
}
PSmb.ConnectedObject = PSsmbRequest;
}
PSmb.SmbHeader = PSmbHeader;
PSmb.SmbBody = PSmbBody;
}
}