示例#1
0
        private void ipNext(IpPacket ip)
        {
            switch (ip.NextHeader)
            {
            case IPProtocolType.TCP:
                TcpPacket tcp = (TcpPacket)ip.Extract(typeof(TcpPacket));
                TCP(tcp);
                break;

            case IPProtocolType.UDP:
                UdpPacket udp = (UdpPacket)ip.Extract(typeof(UdpPacket));
                UDP(udp);
                break;

            case IPProtocolType.ICMP:
                ICMPv4Packet icmp = (ICMPv4Packet)ip.Extract(typeof(ICMPv4Packet));
                ICMP(icmp);
                break;

            case IPProtocolType.ICMPV6:
                ICMPv6Packet icmpv6 = (ICMPv6Packet)ip.Extract(typeof(ICMPv6Packet));
                ICMPv6(icmpv6);
                break;

            case IPProtocolType.IGMP:
                break;

            default:
                break;
            }
        }
示例#2
0
        private void HostDiscoveryRouterAdvertisement()
        {
            //
            // Host discovery enviando router advertisements
            // http://dev.metasploit.com/redmine/projects/framework/repository/revisions/67120d4263806eaedcad03761439509eda5cba12/entry/modules/auxiliary/scanner/discovery/ipv6_neighbor_router_advertisement.rb
            //

            EthernetPacket ethernet = new EthernetPacket(Device.Interface.MacAddress,
                                                         new PhysicalAddress(new byte[] { 0x33, 0x33, 0x0, 0x0, 0x0, 0x1 }),
                                                         EthernetPacketType.IpV6);

            IPAddress[] ipsMultiCast = new IPAddress[] {
                new IPAddress(new byte[] { 0xff, 0x02, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1 })
            };

            foreach (IPAddress ipMulticast in ipsMultiCast)
            {
                IPv6Packet ipv6 = new IPv6Packet(Program.CurrentProject.data.GetIPv6LocalLinkFromDevice(Device), ipMulticast);
                ipv6.HopLimit = 255;

                ICMPv6Packet routerAdvertisement = new ICMPv6Packet(new ByteArraySegment(new ICMPv6.NeighborRouterAdvertisement(Device.Interface.MacAddress).GetBytes()));

                ethernet.PayloadPacket = ipv6;
                ipv6.PayloadPacket     = routerAdvertisement;
                Program.CurrentProject.data.SendPacket(ethernet);
            }
        }
示例#3
0
        private static void device_OnPacketArrival(object sender, CaptureEventArgs e)
        {
            try
            {
                Kavprot.Packets.Packet packet = Kavprot.Packets.Packet.ParsePacket(e.Packet);
                if (packet is Kavprot.Packets.EthernetPacket)
                {
                    var ip = Kavprot.Packets.IpPacket.GetEncapsulated(packet);

                    if (ip.Protocol == Kavprot.Packets.IPProtocolType.TCP)
                    {
                        TcpPacket tcp = TcpPacket.GetEncapsulated(packet);
                        if (tcp != null)
                        {
                            Alert.Attack("Intrusion Detected", "an intrusion was detected using TCP from " + ip.SourceAddress.ToString() + " @port " + tcp.SourcePort.ToString(), ToolTipIcon.Warning, true);
                        }
                    }
                    else if (ip.Protocol == Kavprot.Packets.IPProtocolType.UDP)
                    {
                        UdpPacket udp = UdpPacket.GetEncapsulated(packet);
                        if (udp != null)
                        {
                            Alert.Attack("Intrusion Detected", "an intrusion was detected using UDP from " + ip.SourceAddress.ToString() + " @port " + udp.SourcePort.ToString(), ToolTipIcon.Warning, true);
                        }
                    }
                    else if (ip.Protocol == Kavprot.Packets.IPProtocolType.IGMP)
                    {
                        IGMPv2Packet igmp = IGMPv2Packet.GetEncapsulated(packet);
                        if (igmp != null)
                        {
                            Alert.Attack("Intrusion Detected : Unwanted IGMP Packet", "an intrusion was detected using IGMP from " + ip.SourceAddress.ToString(), ToolTipIcon.Warning, true);
                        }
                    }
                    else if (ip.Protocol == Kavprot.Packets.IPProtocolType.ICMPV6)
                    {
                        ICMPv6Packet icmp6 = ICMPv6Packet.GetEncapsulated(packet);
                        if (icmp6 != null)
                        {
                            Alert.Attack("Intrusion Detected : Unwanted ICMPv6 Packet", "an intrusion was detected using ICMPv6 from " + ip.SourceAddress.ToString(), ToolTipIcon.Warning, true);
                        }
                    }
                    else if (ip.Protocol == Kavprot.Packets.IPProtocolType.ICMP)
                    {
                        ICMPv4Packet icmp4 = ICMPv4Packet.GetEncapsulated(packet);
                        if (icmp4 != null)
                        {
                            Alert.Attack("Intrusion Detected : Unwanted ICMPv4 Packet", "an intrusion was detected using ICMPv4 from " + ip.SourceAddress.ToString(), ToolTipIcon.Warning, true);
                        }
                    }
                }
            }
            catch
            {
            }
            finally
            {
            }
        }
示例#4
0
        private void Attack()
        {
            while (true)
            {
                try
                {
                    /* INICIAR EL ATAQUE MODIFICANDO LA CACHE ARP (DoS IPv4) Y LAS TABLAS DE VECINOS (IPv6 SLAAC) */
                    foreach (Data.Attack attack in attacks.Where(A => A.attackType == Data.AttackType.SlaacMitm && A.attackStatus == Data.AttackStatus.Attacking))
                    {
                        if (attack is evilfoca.Data.MitmAttack)
                        {
                            evilfoca.Data.MitmAttack slaacMitm = (evilfoca.Data.MitmAttack)attack;
                            EthernetPacket           ethernet;

                            {
                                IPAddress       myIP  = Program.CurrentProject.data.GetIPv6LocalLinkFromDevice(Program.CurrentProject.data.GetDevice());
                                PhysicalAddress myMac = Program.CurrentProject.data.GetDevice().MacAddress;

                                // IPv6 (de vinculo local) y MAC atacada
                                IPAddress       IPdst  = slaacMitm.t2.ip;
                                PhysicalAddress MACdst = slaacMitm.t2.mac;

                                ICMPv6Packet routerAdvertisement = new ICMPv6Packet(new ByteArraySegment(new ICMPv6.NeighborRouterAdvertisement(myMac, slaacMitm.prefix, false).GetBytes()));
                                IPv6Packet   ipv6 = new IPv6Packet(myIP, IPdst);
                                ipv6.PayloadPacket = routerAdvertisement;
                                ipv6.HopLimit      = 255;

                                ethernet = new EthernetPacket(myMac, MACdst, EthernetPacketType.IpV6);
                                ethernet.PayloadPacket = ipv6;
                                Program.CurrentProject.data.SendPacket(ethernet);
                            }
                        }
                    }

                    /* PARAR ATAQUE Y RESTAURAR LA CACHE DNS Y TABLAS DE VECINOS */
                    foreach (Data.Attack attack in attacks.Where(A => A.attackType == Data.AttackType.SlaacMitm && A.attackStatus == Data.AttackStatus.Stopping))
                    {
                        if (attack is evilfoca.Data.MitmAttack)
                        {
                            evilfoca.Data.MitmAttack slaacMitm = (evilfoca.Data.MitmAttack)attack;

                            /* Enviar paquetes para que pare la denegacion de servicio IPv4 */

                            /* Enviar paquetes para que pare el envenenamiento de vecino IPv6 */

                            attack.attackStatus = Data.AttackStatus.Stop;
                        }
                    }


                    Thread.Sleep(SendPacketEachXSecs * 1000);
                }
                catch
                {
                }
            }
        }
示例#5
0
        public void Get()
        {
            var icmpv6Packet = new ICMPv6Packet
            {
                Bytes = new Byte[32]
            };

            icmpv6Packet.SetByte(1, 1);

            icmpv6Packet.Code.Should().Be(1);
        }
示例#6
0
        public void Set()
        {
            var icmpv6Packet = new ICMPv6Packet
            {
                Bytes = new Byte[32]
            };

            icmpv6Packet.Sequence = 17;

            icmpv6Packet.Sequence.Should().Be(17);
        }
示例#7
0
 public PacketDetials(Packet packet)
 {
     this.packet    = packet;
     ethernetPacket = EthernetPacket.GetEncapsulated(packet);
     if (ethernetPacket != null)
     {
         typeName = "Ethernet";
     }
     ipPacket = IpPacket.GetEncapsulated(packet);
     if (ipPacket != null)
     {
         typeName = "Ip";
     }
     arpPacket = ARPPacket.GetEncapsulated(packet);
     if (arpPacket != null)
     {
         typeName = "ARP";
     }
     icmpv4Packet = ICMPv4Packet.GetEncapsulated(packet);
     if (icmpv4Packet != null)
     {
         typeName = "ICMPv4";
     }
     icmpv6Packet = ICMPv6Packet.GetEncapsulated(packet);
     if (icmpv6Packet != null)
     {
         typeName = "ICMPv6";
     }
     igmpv2Packet = IGMPv2Packet.GetEncapsulated(packet);
     if (igmpv2Packet != null)
     {
         typeName = "IGMPv2";
     }
     pppoePacket = PPPoEPacket.GetEncapsulated(packet);
     if (pppoePacket != null)
     {
         typeName = "PPPoE";
     }
     pppPacket = PPPPacket.GetEncapsulated(packet);
     if (pppPacket != null)
     {
         typeName = "PPP";
     }
     tcpPacket = TcpPacket.GetEncapsulated(packet);
     if (tcpPacket != null)
     {
         typeName = "TCP";
     }
     udpPacket = UdpPacket.GetEncapsulated(packet);
     if (udpPacket != null)
     {
         typeName = "UDP";
     }
 }
示例#8
0
        public void Get()
        {
            var icmpv6Packet = new ICMPv6Packet
            {
                Bytes = new Byte[32]
            };

            icmpv6Packet.SetBytes(6, 2, new Byte[] { 0x00, 0x11 });

            icmpv6Packet.Sequence.Should().Be(17);
        }
示例#9
0
        public void Get(Byte input, ICMPv6Type expected)
        {
            var icmpv6Packet = new ICMPv6Packet
            {
                Bytes = new Byte[32]
            };

            icmpv6Packet.SetByte(0, input);

            icmpv6Packet.Type.Should().Be(expected);
        }
示例#10
0
        public void Set()
        {
            var icmpv6Packet = new ICMPv6Packet
            {
                Bytes = new Byte[32]
            };

            icmpv6Packet.Checksum = 19786;

            icmpv6Packet.Checksum.Should().Be(19786);
        }
示例#11
0
        public void Get()
        {
            var icmpv6Packet = new ICMPv6Packet
            {
                Bytes = new Byte[32]
            };

            icmpv6Packet[2, 2] = new Byte[] { 0x4d, 0x4a };

            icmpv6Packet.Checksum.Should().Be(19786);
        }
示例#12
0
        public void Set()
        {
            var icmpv6Packet = new ICMPv6Packet
            {
                Bytes = new Byte[32]
            };

            icmpv6Packet.Id = 1;

            icmpv6Packet.Id.Should().Be(1);
        }
示例#13
0
        public void Get()
        {
            var icmpv6Packet = new ICMPv6Packet
            {
                Bytes = new Byte[32]
            };

            icmpv6Packet[4, 2] = new Byte[] { 0x00, 0x01 };

            icmpv6Packet.Id.Should().Be(1);
        }
示例#14
0
        // main routine
        public override PacketMainReturn interiorMain(ref Packet in_packet)
        {
            // if the packet is ICMPv4
            if (in_packet.GetHighestLayer() == Protocol.ICMP)
            {
                ICMPPacket packet = (ICMPPacket)in_packet;
                // check if the packet is allowed and deny all is false
                if (isAllowed(packet.Type.ToString(), packet.Code.ToString(), 4) &&
                    !data.DenyIPv4)
                {
                    return(null);
                }
                // else, log and drop it
                else
                {
                    PacketMainReturn pmr;
                    pmr            = new PacketMainReturn(this);
                    pmr.returnType = PacketMainReturnType.Drop;
                    if (data.Log)
                    {
                        pmr.returnType |= PacketMainReturnType.Log;
                        pmr.logMessage  = "ICMP from " + packet.SourceIP.ToString() + " for " +
                                          packet.DestIP.ToString() + " was dropped.";
                    }
                    return(pmr);
                }
            }

            // if the packet is ICMPv6
            if (in_packet.GetHighestLayer() == Protocol.ICMPv6)
            {
                ICMPv6Packet packet = (ICMPv6Packet)in_packet;
                if ((isAllowed(packet.Type.ToString(), packet.Code.ToString(), 6) &&
                     !data.DenyIPv6) && isDeniedNDP(packet))
                {
                    return(null);
                }
                else
                {
                    PacketMainReturn pmr;
                    pmr            = new PacketMainReturn(this);
                    pmr.returnType = PacketMainReturnType.Drop;
                    if (data.Log)
                    {
                        pmr.returnType |= PacketMainReturnType.Log;
                        pmr.logMessage  = "ICMPv6 from " + packet.SourceIP.ToString() + " for " +
                                          packet.DestIP.ToString() + " was dropped.";
                    }
                    return(pmr);
                }
            }
            return(null);
        }
示例#15
0
        // main routine
        public override PacketMainReturnType interiorMain(ref Packet in_packet)
        {
            LogEvent le;

            // if the packet is ICMPv4
            if (in_packet.GetHighestLayer() == Protocol.ICMP)
            {
                ICMPPacket packet = (ICMPPacket)in_packet;
                // check if the packet is allowed and deny all is false
                if (isAllowed(packet.Type.ToString(), packet.Code.ToString(), 4) &&
                    !data.DenyIPv4)
                {
                    return(PacketMainReturnType.Allow);
                }
                // else, log and drop it
                else
                {
                    PacketMainReturnType pmr = PacketMainReturnType.Drop;
                    if (data.Log)
                    {
                        pmr   |= PacketMainReturnType.Log;
                        le     = new LogEvent(String.Format(multistring.GetString("ICMPv4 was dropped"), packet.SourceIP.ToString(), packet.DestIP.ToString()), this);
                        le.PMR = PacketMainReturnType.Log | PacketMainReturnType.Drop;
                        LogCenter.Instance.LogEvent(le);
                    }
                    return(pmr);
                }
            }

            // if the packet is ICMPv6
            if (in_packet.GetHighestLayer() == Protocol.ICMPv6)
            {
                ICMPv6Packet packet = (ICMPv6Packet)in_packet;
                if ((isAllowed(packet.Type.ToString(), packet.Code.ToString(), 6) &&
                     !data.DenyIPv6) && isDeniedNDP(packet))
                {
                    return(PacketMainReturnType.Allow);
                }
                else
                {
                    PacketMainReturnType pmr = PacketMainReturnType.Drop;
                    if (data.Log)
                    {
                        pmr   |= PacketMainReturnType.Log;
                        le     = new LogEvent(String.Format(multistring.GetString("ICMPv6 was dropped"), packet.SourceIP.ToString(), packet.DestIP.ToString()), this);
                        le.PMR = PacketMainReturnType.Log | PacketMainReturnType.Drop;
                        LogCenter.Instance.LogEvent(le);
                    }
                    return(pmr);
                }
            }
            return(PacketMainReturnType.Allow);
        }
示例#16
0
        public void Set(Byte expected, ICMPv6Type input)
        {
            var icmpv6Packet = new ICMPv6Packet
            {
                Bytes = new Byte[32]
            };

            icmpv6Packet.Type = input;

            icmpv6Packet.GetByte(0).Should().Be(expected);
            icmpv6Packet.Type.Should().Be(input);
        }
示例#17
0
        public void Get(Byte[] input, ICMPv6TypeCode expected)
        {
            var icmpv6Packet = new ICMPv6Packet
            {
                Bytes = new Byte[32]
            };

            icmpv6Packet.SetBytes(0, 2, input);

            ((Byte)(icmpv6Packet.Type)).Should().Be(input[0]);
            icmpv6Packet.Code.Should().Be(input[1]);
            icmpv6Packet.TypeCode.Should().Be(expected);
        }
示例#18
0
        private void ICMPv6(ICMPv6Packet v6)
        {
            if (ICMPv6Node == null)
            {
                ICMPv6Node = CreatNode("ICMPv6", 4);
            }
            ICMPv6Node.Nodes.Clear();

            ICMPv6Node.Nodes.Add("Type: " + v6.Type.ToString() + " (" + (int)v6.Type + ")");
            ICMPv6Node.Nodes.Add("Code: " + v6.Code.ToString());
            ICMPv6Node.Nodes.Add("checksum: 0x" + v6.Checksum.ToString("X"));
            Tree.Nodes.Add(ICMPv6Node);
        }
示例#19
0
        public void Set(Byte[] expected, ICMPv6TypeCode input)
        {
            var icmpv6Packet = new ICMPv6Packet
            {
                Bytes = new Byte[32]
            };

            icmpv6Packet.TypeCode = input;
            icmpv6Packet.GetBytes(0, 2).ToArray().Should().Equal(expected);
            ((Byte)(icmpv6Packet.Type)).Should().Be(expected[0]);
            icmpv6Packet.Code.Should().Be(expected[1]);
            icmpv6Packet.TypeCode.Should().Be(input);
        }
示例#20
0
        static public void SendNeighborAdvertisement(IPAddress ipSrc, PhysicalAddress MACSrc, IPAddress ipDest, PhysicalAddress MACDest)
        {
            Packet p = new EthernetPacket(MACSrc, MACDest, EthernetPacketType.IpV6);

            p.PayloadPacket = new IPv6Packet(ipSrc, ipDest);
            (p.PayloadPacket as IPv6Packet).HopLimit = 255;
            NeighborAdvertisement NA   = new NeighborAdvertisement(ipSrc, MACSrc);
            ICMPv6Packet          icmp = new ICMPv6Packet(new ByteArraySegment(NA.GetBytes()));

            icmp.Type = (ICMPv6Types)136; //Neighbor Advertisement
            icmp.Code = 0;
            p.PayloadPacket.PayloadPacket = icmp;
            Program.CurrentProject.data.SendPacket(p);
        }
示例#21
0
        private void ipNext(IpPacket ip)
        {
            PayLoadData = ip.PayloadData;
            switch (ip.NextHeader)
            {
            case IPProtocolType.TCP:    //最终协议为TCP
                TcpPacket tcp = TcpPacket.GetEncapsulated(packet);
                TCP(tcp);
                break;

            case IPProtocolType.UDP:
                UdpPacket udp = UdpPacket.GetEncapsulated(packet);
                UDP(udp);
                break;

            case IPProtocolType.ICMP:
                ICMPv4Packet icmp = ICMPv4Packet.GetEncapsulated(packet);
                ICMPv4(icmp);
                break;

            case IPProtocolType.ICMPV6:
                ICMPv6Packet icmpv6 = ICMPv6Packet.GetEncapsulated(packet);
                ICMPv6(icmpv6);
                break;

            case IPProtocolType.IGMP:
                IGMPv2Packet igmp = IGMPv2Packet.GetEncapsulated(packet);
                IGMP(igmp);
                break;

            case IPProtocolType.IPV6:
                List <byte> packetData = new List <byte>();
                byte[]      tmp        = new byte[] { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
                packetData.AddRange(tmp);
                packetData.AddRange(new byte[] { 0x86, 0xdd });
                packetData.AddRange(ip.PayloadData);
                Packet     p   = Packet.ParsePacket(LinkLayers.Ethernet, packetData.ToArray());
                IPv6Packet ip6 = (IPv6Packet)IPv6Packet.GetEncapsulated(p);
                IPv6(ip6);
                packet = p;
                ipNext(ip6 as IpPacket);
                break;

            case IPProtocolType.GRE:
                GREPacket gre = new GREPacket(ip.PayloadData);
                GRE(gre);
                break;
            }
        }
示例#22
0
 private void ICMPv6(ICMPv6Packet icmpv6)
 {
     if (ICMPv6Node == null)
     {
         ICMPv6Node = new TreeNode();
     }
     ICMPv6Node.Nodes.Clear();
     ICMPv6Node.Text = string.Format("Internet Control Message Protocol v6");
     ICMPv6Node.Nodes.Add(string.Format("Type: {0}", icmpv6.Type));
     ICMPv6Node.Nodes.Add(string.Format("Code: {0}", icmpv6.Code));
     ICMPv6Node.Nodes.Add(string.Format("Checksum: {0}", icmpv6.Checksum));
     //ICMPv6Node.Nodes.Add(string.Format(""));
     //ICMPv6Node.Nodes.Add(string.Format(""));
     tree.Nodes.Add(ICMPv6Node);
 }
示例#23
0
        public void BinarySerialization()
        {
            var dev = new CaptureFileReaderDevice("../../CaptureFiles/ipv6_icmpv6_packet.pcap");

            dev.Open();

            RawCapture rawCapture;
            Boolean    foundicmpv6 = false;

            while ((rawCapture = dev.GetNextPacket()) != null)
            {
                Packet p      = Packet.ParsePacket(rawCapture.LinkLayerType, rawCapture.Data);
                var    icmpv6 = (ICMPv6Packet)p.Extract(typeof(ICMPv6Packet));
                if (icmpv6 == null)
                {
                    continue;
                }
                foundicmpv6 = true;

                Stream          outFile    = File.Create("icmpv6.dat");
                BinaryFormatter serializer = new BinaryFormatter();
                serializer.Serialize(outFile, icmpv6);
                outFile.Close();

                Stream          inFile       = File.OpenRead("icmpv6.dat");
                BinaryFormatter deserializer = new BinaryFormatter();
                ICMPv6Packet    fromFile     = (ICMPv6Packet)deserializer.Deserialize(inFile);
                inFile.Close();


                Assert.AreEqual(icmpv6.Bytes, fromFile.Bytes);
                Assert.AreEqual(icmpv6.BytesHighPerformance.Bytes, fromFile.BytesHighPerformance.Bytes);
                Assert.AreEqual(icmpv6.BytesHighPerformance.BytesLength, fromFile.BytesHighPerformance.BytesLength);
                Assert.AreEqual(icmpv6.BytesHighPerformance.Length, fromFile.BytesHighPerformance.Length);
                Assert.AreEqual(icmpv6.BytesHighPerformance.NeedsCopyForActualBytes, fromFile.BytesHighPerformance.NeedsCopyForActualBytes);
                Assert.AreEqual(icmpv6.BytesHighPerformance.Offset, fromFile.BytesHighPerformance.Offset);
                Assert.AreEqual(icmpv6.Checksum, fromFile.Checksum);
                Assert.AreEqual(icmpv6.Color, fromFile.Color);
                Assert.AreEqual(icmpv6.Header, fromFile.Header);
                Assert.AreEqual(icmpv6.PayloadData, fromFile.PayloadData);
                Assert.AreEqual(icmpv6.Code, fromFile.Code);
                Assert.AreEqual(icmpv6.Type, fromFile.Type);
            }

            dev.Close();
            Assert.IsTrue(foundicmpv6, "Capture file contained no icmpv6 packets");
        }
示例#24
0
        public void SendMLDQuery()
        {
            EthernetPacket ePacket  = new EthernetPacket(PhysicalAddress.Parse("98-5F-D3-3F-6D-B1"), PhysicalAddress.Parse("33-33-00-00-00-01"), EthernetPacketType.IpV6);
            IPv6Packet     ipPacket = new IPv6Packet(IPAddress.Parse("fe80::d0d6:8c11:a087:3941"), IPAddress.Parse("ff02::1"));

            ePacket.PayloadPacket = ipPacket;
            ICMPv6Packet icmp = new ICMPv6Packet(new PacketDotNet.Utils.ByteArraySegment(new byte[24]));

            Array.Copy(IPAddress.Parse("ff02::1").GetAddressBytes(), 0, icmp.Header, 8, 16);
            icmp.Type              = ICMPv6Types.MulticastLostenerQuery;
            icmp.Code              = 0;
            icmp.Checksum          = 0;
            ipPacket.PayloadPacket = icmp;
            icmp.UpdateCalculatedValues();

            _ncard.SendPacket(ePacket);
        }
示例#25
0
        private void Attack()
        {
            while (true)
            {
                try
                {
                    foreach (Data.Attack attack in attacks.Where(A => A.attackType == Data.AttackType.DoSSLAAC && A.attackStatus == Data.AttackStatus.Attacking))
                    {
                        if (attack is evilfoca.Data.DoSSLAACAttack)
                        {
                            for (int i = 0; i < NumberOfRouterAdvertisement; i++)
                            {
                                //MAC del equipo atacado
                                PhysicalAddress MACdst = (attack as evilfoca.Data.DoSSLAACAttack).t1.mac;

                                //IP de origen aleatoria pero siempre de vinculo local
                                IPAddress IPsrc = GetRandomLocalIPv6();
                                //IP atacada
                                IPAddress IPdst = (attack as evilfoca.Data.DoSSLAACAttack).t1.ip;

                                ICMPv6Packet routerAdvertisement = new ICMPv6Packet(new ByteArraySegment(new ICMPv6.NeighborRouterAdvertisement(MACsrc, GetRandomPrefix(), true).GetBytes()));
                                IPv6Packet   ipv6 = new IPv6Packet(IPsrc, IPdst);
                                ipv6.PayloadPacket = routerAdvertisement;
                                ipv6.HopLimit      = 255;
                                EthernetPacket ethernet = new EthernetPacket(MACsrc, MACdst, EthernetPacketType.IpV6);
                                ethernet.PayloadPacket = ipv6;
                                Program.CurrentProject.data.SendPacket(ethernet);
                            }
                        }
                    }


                    Thread.Sleep(SendDoSAttackEachXSecs * 1000);
                }
                catch (ThreadAbortException)
                {
                    return;
                }
                catch
                {
                }
            }
        }
示例#26
0
        /// <summary>
        /// Checks if ICMPv6 is blocked, and then whether or not the packet is an NDP
        /// </summary>
        /// <param name="packet"></param>
        /// <returns>Returns true if the packet is allowed, false if it is not allowed</returns>
        private bool isDeniedNDP(ICMPv6Packet packet)
        {
            // if they're denying all IPv6 except NDP
            if (data.DenyIPv6NDP)
            {
                // check if it's NDP
                if ((packet.Type <= 133) && (packet.Type >= 137))
                {
                    // it is, return allowed
                    return(true);
                }
                // nope it's not, return BLOCKED
                else
                {
                    return(false);
                }
            }

            // default true because they're not blocking ipv6
            return(true);
        }
示例#27
0
        private void HostDiscoveryPingMulticast()
        {
            //
            // Host discovery enviando pings a las direcciones multicast
            // http://dev.metasploit.com/redmine/projects/framework/repository/revisions/67120d4263806eaedcad03761439509eda5cba12/entry/modules/auxiliary/scanner/discovery/ipv6_multicast_ping.rb
            //
            // Nota: Parece que los windows no responden a los pings mutlicasts. Los linux (backtrack) si lo hacen
            //

            IPAddress ipLocalLink = Program.CurrentProject.data.GetIPv6LocalLinkFromDevice(Device);

            EthernetPacket ethernet = new EthernetPacket(Device.Interface.MacAddress,
                                                         new PhysicalAddress(new byte[] { 0x33, 0x33, 0x0, 0x0, 0x0, 0x1 }),
                                                         EthernetPacketType.IpV6);
            ICMPv6Packet icmp = new ICMPv6Packet(new ByteArraySegment(new byte[40]))
            {
                Type        = ICMPv6Types.EchoRequest,
                PayloadData = Encoding.ASCII.GetBytes("abcdefghijklmnopqrstuvwabcdefghi")
            };

            IPAddress[] ipsMultiCast = new IPAddress[] {
                new IPAddress(new byte[] { 0xff, 0x01, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1 }),
                new IPAddress(new byte[] { 0xff, 0x01, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2 }),
                new IPAddress(new byte[] { 0xff, 0x02, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1 }),
                new IPAddress(new byte[] { 0xff, 0x02, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2 })
            };

            foreach (IPAddress ipMulticast in ipsMultiCast)
            {
                IPv6Packet ipv6 = new IPv6Packet(
                    ipLocalLink,
                    ipMulticast
                    );
                ethernet.PayloadPacket = ipv6;
                ipv6.PayloadPacket     = icmp;
                Program.CurrentProject.data.SendPacket(ethernet);
            }
        }
示例#28
0
        public void echo_request()
        {
            var icmpv6 = new ICMPv6Packet
            {
                Bytes = new Byte[]
                {
                    0x80, 0x00,
                    0x4d, 0x4a,
                    0x00, 0x01, 0x00, 0x11,
                    0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68,
                    0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70,
                    0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x61,
                    0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69
                }
            };

            icmpv6.Type.Should().Be(ICMPv6Type.EchoRequest);
            icmpv6.Code.Should().Be(0);
            icmpv6.TypeCode.Should().Be(ICMPv6TypeCode.EchoRequest);
            icmpv6.Checksum.Should().Be(19786);
            icmpv6.Id.Should().Be(1);
            icmpv6.Sequence.Should().Be(17);
        }
示例#29
0
        // create multicast IPv6 ping packet
        private EthernetPacket GenerateIpv6Ping()
        {
            var ethernetPacket = new EthernetPacket(physicalAddress, broadcastMAC, EthernetPacketType.Arp);
            var ipv6Packet     = new IPv6Packet(IPAddress.Parse((deviceInfo.IPv6 != string.Empty ? deviceInfo.IPv6 : deviceInfo.LinkLocal)), IPAddress.Parse("ff02::1"));

            ipv6Packet.NextHeader        = IPProtocolType.ICMPV6;
            ethernetPacket.PayloadPacket = ipv6Packet;

            var icmpv6Packet = new ICMPv6Packet(new ByteArraySegment(new byte[40]))
            {
                Type        = ICMPv6Types.EchoRequest,
                PayloadData = Encoding.ASCII.GetBytes("abcdefghijklmnopqrstuvwabcdefghi")
            };

            ipv6Packet.PayloadPacket = icmpv6Packet;

            // ICMPv6 checksum fix
            var pseudo = Network.GetPseudoHeader(ipv6Packet.SourceAddress, ipv6Packet.DestinationAddress, icmpv6Packet.Bytes.Length, 58);

            icmpv6Packet.Checksum = (ushort)(ChecksumUtils.OnesComplementSum(pseudo.Concat(icmpv6Packet.Bytes).ToArray()) + 4);

            return(ethernetPacket);
        }
示例#30
0
 public ICMPv6Header(ICMPv6Packet icmpv6Packet)
 {
     _icmpv6Packet = icmpv6Packet;
 }
示例#31
0
    //terrible hack to get ICMPv6 packets to work
    private static ICMPv6Packet CreateICMPv6Packet(Param param)
    {
        byte[] header = null;

        switch ((ICMPv6Types)param.type)
        {
            case ICMPv6Types.RouterSolicitation:
                header = new byte[8];
                break;
            case ICMPv6Types.RouterAdvertisement:
                header = new byte[32];
                header[16] = 0x01;
                header[17] = 0x01;
                header[24] = 0x05;
                header[25] = 0x01;
                break;
            case ICMPv6Types.NeighborSolicitation:
            case ICMPv6Types.NeighborAdvertisement:
                header = new byte[24];
                break;
            case ICMPv6Types.RedirectMessage:
            case ICMPv6Types.RouterRenumbering:
                header = new byte[40];
                break;
            case ICMPv6Types.ICMPNodeInformationQuery:
                header = new byte[32];
                break;
            case ICMPv6Types.ICMPNodeInformationResponse:
                header = new byte[16];
                break;
            case ICMPv6Types.InverseNeighborDiscoverySolicitationMessage:
            case ICMPv6Types.InverseNeighborDiscoveryAdvertisementMessage:
                header = new byte[8];
                break;
            case ICMPv6Types.MulticastListenerDiscovery:
                header = new byte[28];
                header[7] = 0x01;
                break;
            case ICMPv6Types.HomeAgentAddressDiscoveryRequestMessage:
            case ICMPv6Types.HomeAgentAddressDiscoveryReplyMessage:
                header = new byte[8];
                break;
            case ICMPv6Types.MobilePrefixSolicitation:
            case ICMPv6Types.MobilePrefixAdvertisement:
                header = new byte[8];
                break;
            case ICMPv6Types.CertificationPathSolicitation:
                header = new byte[8];
                break;
            case ICMPv6Types.CertificationPathAdvertisement:
                header = new byte[12];
                break;
            case ICMPv6Types.MulticastRouterAdvertisement:
                header = new byte[8];
                break;
            case ICMPv6Types.MulticastRouterSolicitation:
                header = new byte[8];
                break;
            case ICMPv6Types.MulticastRouterTermination:
                header = new byte[4];
                break;
            case ICMPv6Types.RPLControlMessage:
                header = new byte[6];
                break;
            default:
                header = new byte[64];
                break;
        }

        ICMPv6Packet icmpv6Packet = new ICMPv6Packet(new ByteArraySegment(header));
        if (param.type != 0)
        {
            icmpv6Packet.Type = (ICMPv6Types)(param.type);
        }
        else
        {
            icmpv6Packet.Type = ICMPv6Types.EchoRequest;
        }

        if (param.code != 0)
        {
            icmpv6Packet.Code = (byte)param.code;
        }
        else
        {
            icmpv6Packet.Code = (byte)0;
        }

        return icmpv6Packet;
    }