void Inject(NetworkSniffer sniffer, TcpStream stream, Packet[] packets) { WriteInfo("Injecting packets"); foreach (EthernetPacket p in packets) { // Override ethernet p.DestinationHwAddress = stream.DestinationHwAddress; p.SourceHwAddress = stream.SourceHwAddress; p.UpdateCalculatedValues(); IpPacket ip = (IpPacket)p.PayloadPacket; ip.SourceAddress = stream.Source.Address; ip.DestinationAddress = stream.Destination.Address; ip.UpdateCalculatedValues(); if (ip.Protocol != IPProtocolType.TCP) { continue; } TcpPacket tcp = (TcpPacket)ip.PayloadPacket; tcp.SourcePort = (ushort)stream.Source.Port; tcp.DestinationPort = (ushort)stream.Destination.Port; tcp.UpdateCalculatedValues(); // Send sniffer.Send(p); } }
private void SendRstPacket(EthernetPacket ethernetPacket, IPPacket ipPacket, TcpPacket tcpPacket) { var sourceHwAddress = PhysicalAddress.Parse(ethernetPacket.SourceHwAddress.ToString()); var sourceAddress = IPAddress.Parse(ipPacket.SourceAddress.ToString()); var acknowledgementNumber = tcpPacket.AcknowledgmentNumber; var sourcePort = tcpPacket.SourcePort; ethernetPacket.SourceHwAddress = ethernetPacket.DestinationHwAddress; ethernetPacket.DestinationHwAddress = sourceHwAddress; ipPacket.SourceAddress = ipPacket.DestinationAddress; ipPacket.DestinationAddress = sourceAddress; tcpPacket.Syn = false; tcpPacket.Ack = false; tcpPacket.Rst = true; tcpPacket.AcknowledgmentNumber = tcpPacket.SequenceNumber; tcpPacket.SequenceNumber = acknowledgementNumber; tcpPacket.SourcePort = tcpPacket.DestinationPort; tcpPacket.DestinationPort = sourcePort; tcpPacket.Checksum = tcpPacket.CalculateTCPChecksum(); ethernetPacket.UpdateCalculatedValues(); ipPacket.UpdateCalculatedValues(); tcpPacket.UpdateCalculatedValues(); ipPacket.PayloadPacket = tcpPacket; ethernetPacket.PayloadPacket = ipPacket; this.captureDevice.SendPacket(ethernetPacket); }
// IPv4 + TCP数据包封装函数 private EthernetPacket TcPonIPv4PacketMaker() { // Ether封包 var ether = new EthernetPacket(PhysicalAddress.Parse(MakeMaCaddr(SourceMAC1.Text, SourceMAC2.Text, SourceMAC3.Text, SourceMAC4.Text, SourceMAC5.Text, SourceMAC6.Text)), PhysicalAddress.Parse(MakeMaCaddr(DestMAC1.Text, DestMAC2.Text, DestMAC3.Text, DestMAC4.Text, DestMAC5.Text, DestMAC6.Text)), EthernetPacketType.IPv4); // TCP封包 var tcp = new TcpPacket(Convert.ToUInt16(SourcePortTextBox.Text), Convert.ToUInt16(DestPortTextBox.Text)) { Urg = TCPFlagsCheckedListBox.GetItemChecked(0), Ack = TCPFlagsCheckedListBox.GetItemChecked(1), Psh = TCPFlagsCheckedListBox.GetItemChecked(2), Rst = TCPFlagsCheckedListBox.GetItemChecked(3), Syn = TCPFlagsCheckedListBox.GetItemChecked(4), Fin = TCPFlagsCheckedListBox.GetItemChecked(5), SequenceNumber = Convert.ToUInt32(SequenceTextBox.Text), AcknowledgmentNumber = Convert.ToUInt32(AcknowledgmentTextBox.Text), WindowSize = Convert.ToUInt16(WindowSizeTextBox.Text), UrgentPointer = Convert.ToInt32(UrgPointerTextBox.Text) }; if (PayloadTextBox.Text.Length != 0) { tcp.PayloadData = Encoding.ASCII.GetBytes(PayloadTextBox.Text); } tcp.UpdateCalculatedValues(); // IPv4封包 var IPv4 = new IPv4Packet(IPAddress.Parse(MakeIPaddr(SourceIP1.Text, SourceIP2.Text, SourceIP3.Text, SourceIP4.Text)), IPAddress.Parse(MakeIPaddr(DestIP1.Text, DestIP2.Text, DestIP3.Text, DestIP4.Text))) { TimeToLive = Convert.ToInt32(TTLTextBox.Text), Protocol = IPProtocolType.TCP, Version = IPVersion.IPv4, FragmentFlags = Convert.ToInt16(FragmentFlagsTextBox.Text), FragmentOffset = Convert.ToInt32(FragmentOffsetTextBox.Text), TypeOfService = Convert.ToInt32(TOSTextBox.Text), Id = Convert.ToUInt16(IdentifierTextbox.Text), PayloadPacket = tcp }; ether.PayloadPacket = IPv4; IPv4.ParentPacket = ether; IPv4.UpdateIPChecksum(); tcp.ParentPacket = IPv4; tcp.UpdateTCPChecksum(); return(ether); }
/// <summary> /// 尝试发送FIN+ACK标志结束某一组互联网上的连接。 /// </summary> /// <param name="srcAddress">连接的起点,应为小端地址。</param> /// <param name="srcPort">连接起点的端口。</param> /// <param name="dstAddress">连接的终点,应为大端地址。</param> /// <param name="dstPort">连接终点的端口。</param> /// <returns>成功发送包返回true,失败返回false。</returns> public bool KillConnection(IPAddress srcAddress, ushort srcPort, IPAddress dstAddress, ushort dstPort) { EthernetPacket ether; // 寻找指定目标 lock (_tcpLinks) { if (_tcpLinks.All(item => !(item.SrcAddress.Equals(srcAddress) && item.SrcPort == srcPort) || !(item.DstAddress.Equals(dstAddress) && item.DstPort == dstPort))) { return(false); } ether = new EthernetPacket(_tcpLinks.Find(item => item.SrcAddress.Equals(srcAddress) && item.SrcPort == srcPort && item.DstAddress.Equals(dstAddress) && item.DstPort == dstPort) .LastPacket.BytesHighPerformance); } // 解析包数据 var ipv4 = (IPv4Packet)ether.PayloadPacket; var tcp = (TcpPacket)ipv4.PayloadPacket; // 设置数据包内容 var payload = new TcpPacket(tcp.SourcePort, tcp.DestinationPort) { Fin = true, Ack = true, SequenceNumber = (uint)(tcp.SequenceNumber + (tcp.PayloadPacket?.TotalPacketLength ?? 0)), AcknowledgmentNumber = tcp.AcknowledgmentNumber, WindowSize = tcp.WindowSize }; payload.UpdateCalculatedValues(); ipv4.PayloadPacket = payload; payload.ParentPacket = ipv4; payload.UpdateTCPChecksum(); _device.SendPacket(ether); return(true); }
static void Ns_OnPacket(object sender, IPProtocolType protocolType, EthernetPacket packet) { NetworkSniffer ns = (NetworkSniffer)sender; IPv4Packet ip = (IPv4Packet)packet.PayloadPacket; TcpPacket t = (TcpPacket)ip.PayloadPacket; // Si el paquete recibido es el de respuesta OK del mysql if (t.PayloadData.SequenceEqual(ResponseOk)) { Parent = packet; // Replicamos el paquete, enviando el payload de la fila, si, antes de recibir el SELECT LastSequenceId = (uint)(t.SequenceNumber + t.PayloadData.Length); ip.Id++; t.SequenceNumber = LastSequenceId; t.OptionsCollection.Clear(); t.PayloadData = Payload; t.Ack = true; t.Psh = true; ip.UpdateCalculatedValues(); t.UpdateCalculatedValues(); ip.UpdateIPChecksum(); t.UpdateTCPChecksum(); ns.Send(packet); LastSequenceId = (uint)(t.SequenceNumber + t.PayloadData.Length); Console.WriteLine(t.ToString(StringOutputType.Verbose)); } else { // Si el paquete contiene el valor SELECT string ascii = Encoding.ASCII.GetString(t.PayloadData); if (Parent != null && ascii.Contains("SELECT")) { // Ya no actuamos mas ns.OnPacket -= Ns_OnPacket; ip = (IPv4Packet)Parent.PayloadPacket; t = (TcpPacket)ip.PayloadPacket; // Enviamos un ACK del paquete recibido, para darle por bueno t.SequenceNumber = LastSequenceId; t.AcknowledgmentNumber = t.AcknowledgmentNumber; t.PayloadData = new byte[] { }; ip.Id++; t.Ack = true; t.Psh = false; ip.UpdateCalculatedValues(); t.UpdateCalculatedValues(); ip.UpdateIPChecksum(); t.UpdateTCPChecksum(); ns.Send(packet); Console.WriteLine(t.ToString(StringOutputType.Verbose)); } } }