/// <summary>
/// Basic capture example
/// </summary>
public static void Main(string[] args)
{
// Print SharpPcap version
string ver = SharpPcap.Version.VersionString;
Console.WriteLine("SharpPcap {0}, Example10.SendQueues.cs\n", ver);
Console.Write("-- Please enter an input capture file name: ");
string capFile = Console.ReadLine();
ICaptureDevice device;
try
{
// Get an offline file pcap device
device = new CaptureFileReaderDevice(capFile);
// Open the device for capturing
device.Open();
}
catch (Exception e)
{
Console.WriteLine(e.Message);
return;
}
Console.Write("Queueing packets...");
//Allocate a new send queue
var squeue = new SharpPcap.WinPcap.SendQueue
((int)((CaptureFileReaderDevice)device).FileSize);
RawCapture packet;
try
{
//Go through all packets in the file and add to the queue
while ((packet = device.GetNextPacket()) != null)
{
if (!squeue.Add(packet))
{
Console.WriteLine("Warning: packet buffer too small, " +
"not all the packets will be sent.");
break;
}
}
}
catch (Exception e)
{
Console.WriteLine(e.Message);
return;
}
Console.WriteLine("OK");
Console.WriteLine();
Console.WriteLine("The following devices are available on this machine:");
Console.WriteLine("----------------------------------------------------");
Console.WriteLine();
int i = 0;
var devices = LibPcapLiveDeviceList.Instance;
/* Scan the list printing every entry */
foreach (var dev in devices)
{
/* Description */
Console.WriteLine("{0}) {1} {2}", i, dev.Name, dev.Description);
i++;
}
Console.WriteLine();
Console.Write("-- Please choose a device to transmit on: ");
i = int.Parse(Console.ReadLine());
devices[i].Open();
string resp;
if (devices[i].LinkType != device.LinkType)
{
Console.Write("Warning: the datalink of the capture" +
" differs from the one of the selected interface, continue? [YES|no]");
resp = Console.ReadLine().ToLower();
if ((resp != "") && (!resp.StartsWith("y")))
{
Console.WriteLine("Cancelled by user!");
devices[i].Close();
return;
}
}
// close the offline device
device.Close();
// find the network device for sending the packets we read
device = devices[i];
Console.Write("This will transmit all queued packets through" +
" this device, continue? [YES|no]");
resp = Console.ReadLine().ToLower();
if ((resp != "") && (!resp.StartsWith("y")))
{
Console.WriteLine("Cancelled by user!");
return;
}
try
{
var winPcapDevice = device as WinPcapDevice;
Console.Write("Sending packets...");
int sent = winPcapDevice.SendQueue(squeue, SharpPcap.WinPcap.SendQueueTransmitModes.Synchronized);
Console.WriteLine("Done!");
if (sent < squeue.CurrentLength)
{
Console.WriteLine("An error occurred sending the packets: {0}. " +
"Only {1} bytes were sent\n", device.LastError, sent);
}
}
catch (Exception e)
{
Console.WriteLine("Error: " + e.Message);
}
//Free the queue
squeue.Dispose();
Console.WriteLine("-- Queue is disposed.");
//Close the pcap device
device.Close();
Console.WriteLine("-- Device closed.");
Console.Write("Hit 'Enter' to exit...");
Console.ReadLine();
}
/// <summary>
/// Sends all packets in a 'PcapSendQueue' out this pcap device
/// </summary>
/// <param name="q">
/// A <see cref="SendQueue"/>
/// </param>
/// <param name="transmitMode">
/// A <see cref="SendQueueTransmitModes"/>
/// </param>
/// <returns>
/// A <see cref="int"/>
/// </returns>
public int SendQueue(SendQueue q, SendQueueTransmitModes transmitMode)
{
return(q.Transmit(this, transmitMode));
}
/// <summary>
/// Basic capture example
/// </summary>
public static void Main(string[] args)
{
// Print SharpPcap version
string ver = SharpPcap.Version.VersionString;
Console.WriteLine("SharpPcap {0}, Example10.SendQueues.cs\n", ver);
Console.Write("-- Please enter an input capture file name: ");
string capFile = Console.ReadLine();
ICaptureDevice device;
try
{
// Get an offline file pcap device
device = new CaptureFileReaderDevice(capFile);
// Open the device for capturing
device.Open();
}
catch(Exception e)
{
Console.WriteLine(e.Message);
return;
}
Console.Write("Queueing packets...");
//Allocate a new send queue
var squeue = new SharpPcap.WinPcap.SendQueue
( (int)((CaptureFileReaderDevice)device).FileSize );
RawCapture packet;
try
{
//Go through all packets in the file and add to the queue
while((packet = device.GetNextPacket()) != null )
{
if( !squeue.Add( packet ) )
{
Console.WriteLine("Warning: packet buffer too small, "+
"not all the packets will be sent.");
break;
}
}
}
catch(Exception e)
{
Console.WriteLine(e.Message);
return;
}
Console.WriteLine("OK");
Console.WriteLine();
Console.WriteLine("The following devices are available on this machine:");
Console.WriteLine("----------------------------------------------------");
Console.WriteLine();
int i=0;
var devices = LibPcapLiveDeviceList.Instance;
/* Scan the list printing every entry */
foreach(var dev in devices)
{
/* Description */
Console.WriteLine("{0}) {1} {2}", i, dev.Name, dev.Description);
i++;
}
Console.WriteLine();
Console.Write("-- Please choose a device to transmit on: ");
i = int.Parse( Console.ReadLine() );
devices[i].Open();
string resp;
if(devices[i].LinkType != device.LinkType)
{
Console.Write("Warning: the datalink of the capture" +
" differs from the one of the selected interface, continue? [YES|no]");
resp = Console.ReadLine().ToLower();
if((resp!="")&&( !resp.StartsWith("y")))
{
Console.WriteLine("Cancelled by user!");
devices[i].Close();
return;
}
}
// close the offline device
device.Close();
// find the network device for sending the packets we read
device = devices[i];
Console.Write("This will transmit all queued packets through"+
" this device, continue? [YES|no]");
resp = Console.ReadLine().ToLower();
if((resp!="") && ( !resp.StartsWith("y")))
{
Console.WriteLine("Cancelled by user!");
return;
}
try
{
var winPcapDevice = device as WinPcapDevice;
Console.Write("Sending packets...");
int sent = winPcapDevice.SendQueue(squeue, SharpPcap.WinPcap.SendQueueTransmitModes.Synchronized);
Console.WriteLine("Done!");
if( sent < squeue.CurrentLength )
{
Console.WriteLine("An error occurred sending the packets: {0}. "+
"Only {1} bytes were sent\n", device.LastError, sent);
}
}
catch(Exception e)
{
Console.WriteLine( "Error: "+e.Message );
}
//Free the queue
squeue.Dispose();
Console.WriteLine("-- Queue is disposed.");
//Close the pcap device
device.Close();
Console.WriteLine("-- Device closed.");
Console.Write("Hit 'Enter' to exit...");
Console.ReadLine();
}
// worker function for sending ARP requests
private void WorkerSender()
{
// get start/end IP
long[] range = Network.MaskToStartEnd(deviceInfo.IP, deviceInfo.Mask);
long startIP = range[0];
long endIP = range[1];
long currentIP = startIP;
var possibilities = (int)endIP - (int)startIP;
var sendQueue = new SendQueue(possibilities * 80);
var deviceIP = IPAddress.Parse(deviceInfo.IP);
// create ARP requests for all the hosts in our subnet);
while (currentIP <= endIP)
{
sendQueue.Add(GenerateARPRequest(Network.LongToIP(currentIP), deviceIP).Bytes);
currentIP++;
}
// send our queue
sendQueue.Transmit(device, SendQueueTransmitModes.Normal);
Thread.Sleep(3000);
// stop other threads and stop scanning
Started = false;
workerARP.Join();
workerNDP.Join();
ScanCompleted();
return;
}
// send old ARP information to targets
private void ReArpTargets()
{
// somewhere around 58 bytes for an ARP reply
var sendQueue = new SendQueue(SpoofingTargets1.Count * 2 * 60);
foreach (Target target1 in SpoofingTargets1)
{
sendQueue.Add(GenerateARPReply(target1.IP, SpoofingTarget2.IP, SpoofingTarget2.PMAC, target1.PMAC).Bytes);
sendQueue.Add(GenerateARPReply(SpoofingTarget2.IP, target1.IP, target1.PMAC, SpoofingTarget2.PMAC).Bytes);
}
device.SendQueue(sendQueue, SendQueueTransmitModes.Normal);
sendQueue.Dispose();
return;
}
// worker for sending ARP reply packets
public void WorkerSender()
{
var sendQueue = new SendQueue((SpoofingTargets1.Count * 2 * 60) + 60);
foreach (Target target1 in SpoofingTargets1)
{
// send fake replies to the gateway
sendQueue.Add(GenerateARPReply(target1.IP, SpoofingTarget2.IP, SpoofingTarget2.PMAC).Bytes);
// senda fake replies to targets
sendQueue.Add(GenerateARPReply(SpoofingTarget2.IP, target1.IP, target1.PMAC).Bytes);
}
while (SpoofingStarted)
{
sendQueue.Transmit(device, SendQueueTransmitModes.Normal);
Thread.Sleep(2500);
}
sendQueue.Dispose();
return;
}
// worker for routing IPv4 packets
public void WorkerRouter()
{
while (SpoofingStarted)
{
// size of packets - needed for send queue (set some starting value - it seems the length is not set correctly during threadQueue packet copying)
int bufferSize = 2048;
// copy packets to thread's packet storage (threadRoutingQueue)
lock (PacketQueueRouting)
{
foreach (Packet packet in PacketQueueRouting)
{
threadQueueRouting.Add(packet);
bufferSize += packet.Bytes.Length;
}
PacketQueueRouting.Clear();
}
if (threadQueueRouting.Count > 0)
{
var sendQueue = new SendQueue(bufferSize);
// loop through packets and change MAC addresses
foreach (Packet packet in threadQueueRouting)
{
if (packet == null) continue;
var ethernetPacket = (packet as EthernetPacket);
if (ethernetPacket == null) continue;
var ip = (packet is IpPacket ? (IpPacket)packet : IpPacket.GetEncapsulated(packet));
// discard invalid packets
if (ip is IPv4Packet && (((IPv4Packet)ip).Checksum == 0 || !((IPv4Packet)ip).ValidIPChecksum)) continue;
var sourceIP = ip.SourceAddress.ToString();
var destinationIP = ip.DestinationAddress.ToString();
var sourceMAC = ethernetPacket.SourceHwAddress.ToString();
var destinationMAC = ethernetPacket.DestinationHwAddress.ToString();
if (destinationMAC == sourceMAC) continue;
// block PPTP if necessary (exclude local computer)
if (blockPPTP && sourceIP != deviceInfo.IP && destinationIP != deviceInfo.IP)
{
// block GRE
if (ip.Protocol == IPProtocolType.GRE) continue;
// check for port 1723 and block it
if (ip.Protocol == IPProtocolType.TCP)
{
var tcp = TcpPacket.GetEncapsulated(packet);
if (tcp != null && (tcp.SourcePort == 1723 || tcp.DestinationPort == 1723)) continue;
}
}
// incoming packets - change destination MAC back to target's MAC
if (IPtoMACTargets1.ContainsKey(destinationIP) && (destinationMAC != IPtoMACTargets1[destinationIP].ToString()))
{
ethernetPacket.SourceHwAddress = physicalAddress;
ethernetPacket.DestinationHwAddress = IPtoMACTargets1[destinationIP];
if (ethernetPacket.Bytes != null) sendQueue.Add(packet.Bytes);
}
// outgoing packets - change destination MAC to gateway's MAC
if (IPtoMACTargets1.ContainsKey(sourceIP) && (destinationMAC != SpoofingTarget2.PMAC.ToString()))
{
ethernetPacket.SourceHwAddress = physicalAddress;
ethernetPacket.DestinationHwAddress = SpoofingTarget2.PMAC;
if (ethernetPacket.Bytes != null) sendQueue.Add(packet.Bytes);
}
}
sendQueue.Transmit(device, SendQueueTransmitModes.Normal);
sendQueue.Dispose();
threadQueueRouting.Clear();
}
else
{
Thread.Sleep(1);
}
}
return;
}
// worker function for sending RA packets
public void WorkerSender()
{
while (SpoofingStarted)
{
// we need to generate packets inside the loop, because IPv6toMACTargets can change (86 bytes for ND, 166 for RA ?)
var sendQueue = new SendQueue(IPv6toMACTargets.Count * 86 + 166 + 512);
sendQueue.Add(GenerateRouterAdvertisement(prefix).Bytes);
foreach (var target in IPv6toMACTargets)
{
// send spoofed ND advertisements to the gateway
if(target.Key != gatewayIPv6) sendQueue.Add(GenerateNDAdvertisement(target.Key).Bytes);
}
sendQueue.Transmit(device, SendQueueTransmitModes.Normal);
sendQueue.Dispose();
Thread.Sleep(2500);
}
return;
}
// worker function for routing IPv6 packets
public void WorkerRouter()
{
while (SpoofingStarted)
{
// size of packets - needed for send queue (set some starting value - it seems the length is not set correctly during threadQueue packet copying)
int bufferSize = 2048;
// copy packets to threadRoutingQueue
lock (PacketQueueRouting)
{
foreach (Packet packet in PacketQueueRouting)
{
threadQueueRouting.Add(packet);
bufferSize += packet.Bytes.Length;
}
PacketQueueRouting.Clear();
}
if (threadQueueRouting.Count > 0)
{
var sendQueue = new SendQueue(bufferSize);
// loop through packets and change MAC addresses
foreach (Packet packet in threadQueueRouting)
{
if (packet == null) continue;
var ethernetPacket = (packet as EthernetPacket);
if (ethernetPacket == null) continue;
var ip = (packet is IpPacket ? (IpPacket)packet : IpPacket.GetEncapsulated(packet));
var sourceIP = ip.SourceAddress.ToString();
var destinationIP = ip.DestinationAddress.ToString();
var destinationMAC = ethernetPacket.DestinationHwAddress.ToString();
if (sourceIP == deviceInfo.IPv6 || destinationIP == deviceInfo.IPv6) continue;
// skip local network traffic
if ((sourceIP.Contains(prefix.Replace("::", ":")) && destinationIP.Contains(prefix.Replace("::", ":"))) || (sourceIP.Contains("fe80::") || destinationIP.Contains("fe80::"))) continue;
// check for IPv6 - MAC entry existance (check only addresses from this network) and add it if necessary (we need this because scanner cannot pick up IPv6 addresses of all the targets)
if (sourceIP.Contains(prefix.Replace("::", ":")) && !IPv6toMACTargets.ContainsKey(sourceIP) && !sourceIP.Contains("fe80::"))
{
lock (IPv6toMACTargets)
{
IPv6toMACTargets.Add(sourceIP, ethernetPacket.SourceHwAddress);
}
}
// incoming packets (internet -> nighthawk) - change destination MAC back to target's MAC
if (IPv6toMACTargets.ContainsKey(destinationIP) && (destinationMAC != IPv6toMACTargets[destinationIP].ToString()))
{
ethernetPacket.SourceHwAddress = physicalAddress;
ethernetPacket.DestinationHwAddress = IPv6toMACTargets[destinationIP];
if (ethernetPacket.Bytes != null) sendQueue.Add(packet.Bytes);
}
// outgoing packets (targets -> nighthawk) - change destination MAC to gateway's MAC
if (IPv6toMACTargets.ContainsKey(sourceIP) && (destinationMAC != IPv6toMACTargets[gatewayIPv6].ToString()))
{
ethernetPacket.SourceHwAddress = physicalAddress;
ethernetPacket.DestinationHwAddress = IPv6toMACTargets[gatewayIPv6];
if (ethernetPacket.Bytes != null) sendQueue.Add(packet.Bytes);
}
}
sendQueue.Transmit(device, SendQueueTransmitModes.Normal);
sendQueue.Dispose();
threadQueueRouting.Clear();
}
else
{
Thread.Sleep(1);
}
}
return;
}