/*
 * This file is part of Gspoof-3 (a console/gtk+ tcp/ip packet forger)
 *
 * $Name: console.c $
 * $Version: 3.2 $
 * $Date: 2003/12/22 16:30:03 $
 * $Author: Embyte <embyte@madlab.it> $
 * $Copyright: Copyright (C) 2002-2003 by embyte $
 * $License: This software is under GPL version 2 of license $
 *
 */
12
#include "console.h"
#include "common.h"

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
15
/* Error buffer handed to libnet_init(). */
u_char ebuf[LIBNET_ERRBUF_SIZE];

/* Header fields that randomize() fills with pseudo-random values. */
u_long seq, ack;
u_short id, urgp;

/* 0/1 switches: repeated sending ("multi") and link-layer mode ("ll"). */
u_short multi, ll;

/* TCP control flags, one 0/1 switch per flag. */
u_short furg, fack, fpsh, frst, fsyn, ffin, fcwr, fece;

/*
 * Network device name (eth0, eth1, ppp0).  The buffer is 10 bytes, so a
 * name may be at most 9 characters plus the terminating NUL.
 */
char device[10];

/* IPv4 source/destination addresses and TCP source/destination ports. */
u_long shost, dhost;
u_short sport, dport;

/* TCP payload; NULL when no payload is set. */
u_char *data;

/* Repeated-send options: delay between packets (ms) and packet count. */
u_short delay;
u_long number;

/* Components of the IPv4 TOS byte (DSCP plus the two ECN bits). */
struct
{
    u_int dscp:8;
    u_int ecn_ct:2;
    u_int ecn_ce:1;
}
ipv4_tos;

/* Temporary Ethernet address pointers. */
u_char *seth_temp, *deth_temp;

/* Source and destination Ethernet addresses (6 bytes each). */
u_char *seth, *deth;

/* Ethernet type: its text form ("ip" or "lo") and the numeric value. */
u_char *ethtype;
u_short evalue;

/* Remaining header options. */
u_short tos;
u_short ttl;
u_short win;
u_short datalen;            /* length of the TCP payload in bytes */

/* libnet context (libnet-1.1.x API). */
libnet_t *l;

/* Console scratch state: last key read, a counter, command line, answer buffer. */
u_char keystroke;
u_short i;
char *cmd;
u_char *value;
83
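/* Size in bytes of the shared answer buffer "value" allocated by run_console(). */
enum { CONSOLE_VALUE_LEN = 20 };

/* Consume the rest of the current stdin line, including its newline. */
static void console_discard_line(void)
{
    int c;

    do {
        c = getchar();
    } while (c != EOF && c != '\n');
}

/*
 * Read one answer line from stdin into buf (at most size - 1 characters).
 * If the line is longer than the buffer, the excess is discarded so it is
 * not taken as the answer to the next prompt.
 *
 * Returns 1 when something was read, 0 on end-of-file or read error (buf is
 * then set to the empty string).
 */
static int console_read_line(char *buf, int size)
{
    if (fgets(buf, size, stdin) == NULL) {
        buf[0] = '\0';
        return 0;
    }
    if (strchr(buf, '\n') == NULL)
        console_discard_line();
    return 1;
}

/*
 * Read a decimal number into *out and range-check it against [0, max].
 * Non-numeric text parses as 0, as it did with atoi().
 *
 * Returns 1 when *out was set, 0 when the number is out of range and
 * -1 on end-of-file.  The range check is done on the parsed long long, before
 * the value is narrowed into a header field, so an over-large number cannot
 * wrap around into the accepted range.
 */
static int console_parse_number(long long max, long long *out)
{
    long long n;

    if (!console_read_line((char *) value, CONSOLE_VALUE_LEN))
        return -1;
    n = strtoll((char *) value, NULL, 10);
    if (n < 0 || n > max)
        return 0;
    *out = n;
    return 1;
}

/*
 * Prompt "<label> (<current>) : " until a number in [0, max] is entered.
 * Returns 1 with *out set, or 0 on end-of-file (the field must then be left
 * unchanged by the caller).
 */
static int console_ask_number(const char *label, unsigned long current,
                              long long max, long long *out)
{
    int st;

    do {
        printf("%s (%lu) : ", label, current);
        st = console_parse_number(max, out);
    } while (st == 0);

    return st > 0;
}

/*
 * Prompt "<label> (<current>) : " until the answer is exactly "0" or "1".
 * Returns the new bit, or current unchanged on end-of-file.
 */
static u_short console_ask_bit(const char *label, u_short current)
{
    for (;;) {
        printf("%s (%d) : ", label, current);
        if (!console_read_line((char *) value, 3))
            return current;
        value = dn(value);
        if (!strcmp((char *) value, "0"))
            return 0;
        if (!strcmp((char *) value, "1"))
            return 1;
    }
}

/*
 * Read a hardware address into *mac, re-prompting until emb_hex_aton()
 * accepts it.  The old buffer is released only once a replacement exists, so
 * *mac never becomes NULL; on end-of-file it is left unchanged.
 */
static void console_ask_mac(u_char **mac)
{
    u_char *parsed;

    for (;;) {
        if (!console_read_line((char *) value, CONSOLE_VALUE_LEN))
            return;
        parsed = emb_hex_aton(value);
        if (parsed != NULL) {
            free(*mac);
            *mac = parsed;
            return;
        }
        printf("WRONG MAC ADDRESS! - Retype it : ");
    }
}

/*
 * Prompt "<label> (<current address>) : " until the answer resolves to an
 * IPv4 address, then store it in *addr.  On end-of-file *addr is unchanged.
 *
 * The failure value -1 is compared on the low 32 bits so the test works
 * whether the result is carried in a 32-bit or a 64-bit integer; as before,
 * 255.255.255.255 cannot be told apart from a failure.
 *
 * NOTE(review): autoscan() destroys the context behind l before this runs and
 * nothing visible here re-creates it -- confirm that passing l to
 * libnet_name2addr4() is safe.
 */
static void console_ask_ipv4(const char *label, const char *errmsg, u_long *addr)
{
    u_long parsed;

    for (;;) {
        printf("%s (%s) : ", label, libnet_addr2name4(*addr, LIBNET_DONT_RESOLVE));
        if (!console_read_line((char *) value, CONSOLE_VALUE_LEN))
            return;
        parsed = libnet_name2addr4(l, dn(value), LIBNET_RESOLVE);
        if ((parsed & 0xffffffffUL) != 0xffffffffUL) {
            *addr = parsed;
            return;
        }
        fputs(errmsg, stdout);
    }
}

/* Free every console buffer and clear the pointers so none is left dangling. */
static void console_release_buffers(void)
{
    free(cmd);
    cmd = NULL;
    free(value);
    value = NULL;
    free(seth);
    seth = NULL;
    free(deth);
    deth = NULL;
    free(data);
    data = NULL;
    free(ethtype);
    ethtype = NULL;
}

/*
 * Interactive console: print the menu, read a command and edit the matching
 * packet field, until "quit".
 *
 * Returns 0 on "quit" or when stdin reaches end-of-file, -1 when the working
 * buffers cannot be allocated.
 *
 * Every answer is read with a bound that matches its buffer and is stored in
 * the packet field only after it passed validation; end-of-file ends the
 * current prompt instead of looping on stale input.
 */
int run_console()
{
    /* Names accepted by command 3.3, the prompt label and the flag they set. */
    static const struct {
        const char *upper;
        const char *lower;
        const char *label;
        u_short *flag;
    } flag_table[] = {
        { "URG", "urg", "URG FLAG", &furg },
        { "RST", "rst", "RST FLAG", &frst },
        { "ACK", "ack", "ACK FLAG", &fack },
        { "SYN", "syn", "SYN FLAG", &fsyn },
        { "PSH", "psh", "PSH FLAG", &fpsh },
        { "FIN", "fin", "FIN FLAG", &ffin },
        { "CWR", "cwr", "CWR FLAG", &fcwr },
        { "ECE", "ece", "ECE FLAG", &fece }
    };
    u_short short_prompt = 0;   /* 0: show the long prompt with the help hint */
    long long n;
    int st;
    int c;

    /* print banner */
    printf("\n\t-----------------------\n");
    printf("\tRunning in Console Mode\n");
    printf("\t-----------------------\n\n");

    cmd = NULL;
    data = NULL;

    value = calloc(CONSOLE_VALUE_LEN, sizeof(u_char));
    seth = calloc(6, sizeof(u_char));
    deth = calloc(6, sizeof(u_char));
    ethtype = calloc(4, sizeof(u_char));
    if (value == NULL || seth == NULL || deth == NULL || ethtype == NULL) {
        /* clean_values() and print_menu() write through these pointers */
        fprintf(stderr, "Error: out of memory\n");
        console_release_buffers();
        return -1;
    }

    clean_values();
    randomize();
    autoscan();

    for (;;) {
        print_menu();

        printf("\n");

        free(cmd);
        cmd = NULL;

        do {
            if (!short_prompt) {
                print_getline(&cmd, "CMD (type 'help' for avaible commands) > ");
                short_prompt = 1;
            } else
                print_getline(&cmd, "CMD > ");

            if (cmd == NULL) {
                console_release_buffers();
                return -1;
            }
            if (feof(stdin) || ferror(stdin)) {
                /* no more input will ever arrive: leave as "quit" does */
                console_release_buffers();
                return 0;
            }

            if (!*cmd)
                short_prompt = 0;
        } while (!*cmd);

        printf("\n");

        /* read commands */
        if (!strcmp("1.1", cmd)) {
            printf("INTERFACE (%s) : ", device);
            memset(device, 0, sizeof device);
            /* field width 9 = sizeof device - 1: never write past the array */
            scanf("%9s", device);
            console_discard_line();
        } else if (!strcmp("1.2", cmd)) {
            printf("SOURCE HW ADDRESS (%X:%X:%X:%X:%X:%X) : ",
                   seth[0], seth[1], seth[2], seth[3], seth[4], seth[5]);
            console_ask_mac(&seth);
        } else if (!strcmp("1.3", cmd)) {
            printf("DESTINATION HW ADDRESS (%X:%X:%X:%X:%X:%X) : ",
                   deth[0], deth[1], deth[2], deth[3], deth[4], deth[5]);
            console_ask_mac(&deth);
        } else if (!strcmp("1.4", cmd)) {
            /*
             * ethtype is only 4 bytes, so the answer is read into the 20-byte
             * value buffer and copied over once it is known to be "ip" or "lo".
             */
            for (;;) {
                printf("ETHERNET TYPE (%s) (ip/lo) : ", ethtype);
                if (!console_read_line((char *) value, CONSOLE_VALUE_LEN))
                    break;
                value = dn(value);
                if (!strcmp("ip", (char *) value)) {
                    memcpy(ethtype, "ip", sizeof "ip");
                    evalue = 0x0800;    /* same value clean_values() pairs with "ip" */
                    break;
                }
                if (!strcmp("lo", (char *) value)) {
                    memcpy(ethtype, "lo", sizeof "lo");
                    evalue = 0x9000;
                    break;
                }
            }
        } else if (!strcmp("2.1", cmd)) {
            console_ask_ipv4("SOURCE ADDRESS", "Error reading source IP\n", &shost);
        } else if (!strcmp("2.2", cmd)) {
            console_ask_ipv4("DESTINATION ADDRESS", "Error reading destination IP\n", &dhost);
        } else if (!strcmp("2.3", cmd)) {
            if (console_ask_number("TIME TO LIVE", ttl, 255, &n))
                ttl = (u_short) n;
        } else if (!strcmp("2.4", cmd)) {
            if (console_ask_number("ID NUMBER", id, 65535, &n))
                id = (u_short) n;
        } else if (!strcmp("2.5", cmd)) {   /* ECN in IP, RFC 3168 */
            if (console_ask_number("DIFFERENTIATED SERVICES", ipv4_tos.dscp, 63, &n))
                ipv4_tos.dscp = (u_int) n;
        } else if (!strcmp("2.6", cmd)) {
            ipv4_tos.ecn_ct = console_ask_bit("ECN-CAPABLE TRANSPORT", ipv4_tos.ecn_ct);
        } else if (!strcmp("2.7", cmd)) {
            ipv4_tos.ecn_ce = console_ask_bit("ECN-CE", ipv4_tos.ecn_ce);
        } else if (!strcmp("3.1", cmd)) {
            if (console_ask_number("SOURCE PORT", sport, 65535, &n))
                sport = (u_short) n;
        } else if (!strcmp("3.2", cmd)) {
            if (console_ask_number("DESTINATION PORT", dport, 65535, &n))
                dport = (u_short) n;
        } else if (!strcmp("3.3", cmd)) {
            for (;;) {
                size_t k;
                int matched = 0;

                printf("\nFLAGS ARE NOW SET : URG %d - RST %d - ACK %d - SYN %d - PSH %d - FIN %d - CWR %d - ECN %d\n\n",
                       furg, frst, fack, fsyn, fpsh, ffin, fcwr, fece);
                printf("WHAT FLAG DO YOU WANT TO CHANGE? (URG/RST/ACK/SYN/PSH/FIN/CWR/ECE) (TYPE 'DONE' TO END) : ");
                if (!console_read_line((char *) value, CONSOLE_VALUE_LEN))
                    break;

                value = dn(value);

                for (k = 0; k < sizeof flag_table / sizeof flag_table[0]; k++) {
                    if (!strcmp(flag_table[k].upper, (char *) value) ||
                        !strcmp(flag_table[k].lower, (char *) value)) {
                        /* each prompt shows its own flag (ECE used to show FIN) */
                        *flag_table[k].flag =
                            console_ask_bit(flag_table[k].label, *flag_table[k].flag);
                        matched = 1;
                        break;
                    }
                }

                if (!matched &&
                    (!strcmp("DONE", (char *) value) || !strcmp("done", (char *) value)))
                    break;
            }
        } else if (!strcmp("3.4", cmd)) {
            if (console_ask_number("SEQUENCE NUMBER", seq, 4294967295LL, &n))
                seq = (u_long) n;
        } else if (!strcmp("3.5", cmd)) {
            if (console_ask_number("ACKNOWLEDGEMENT NUMBER", ack, 4294967295LL, &n))
                ack = (u_long) n;
        } else if (!strcmp("3.6", cmd)) {
            if (console_ask_number("WINDOW SIZE", win, 65535, &n))
                win = (u_short) n;
        } else if (!strcmp("3.7", cmd)) {
            if (console_ask_number("URG POINTER", urgp, 65535, &n))
                urgp = (u_short) n;
        } else if (!strcmp("4.1", cmd)) {
            free(data);
            datalen = 0;
            data = calloc(128, sizeof(u_char));
            if (data == NULL) {
                fprintf(stderr, "Error: out of memory\n");
            } else {
                printf("INSERT DATA (OR PRESS ENTER FOR NULL): ");
                console_read_line((char *) data, 128);
                data = dn(data);
                datalen = strlen((char *) data);
                if (datalen == 0) {
                    free(data);     /* fixed: libnet_build_tcp(): payload inconsistency */
                    data = NULL;
                }
            }
        } else if (!strcmp("4.2", cmd)) {
            do {
                printf("LINK LAYER OPERATIONS (1=ENABLE / 0=DISABLE) : ");
                st = console_parse_number(1, &n);
            } while (st == 0);
            if (st > 0)
                ll = (u_short) n;
        } else if (!strcmp("4.3", cmd)) {
            do {
                printf("\"PSEUDO_FLOAD\" (1=ENABLE / 0=DISABLE) : ");
                st = console_parse_number(1, &n);
            } while (st == 0);
            if (st > 0)
                multi = (u_short) n;

            if (multi) {
                /*
                 * Both answers are range-checked: a negative count no longer
                 * wraps to a huge unsigned value, and the delay must fit the
                 * 16-bit field it is stored in.
                 */
                do {
                    printf("NUMBER : ");
                    st = console_parse_number(4294967295LL, &n);
                } while (st == 0);
                if (st > 0)
                    number = (u_long) n;

                do {
                    printf("DELAY (ms) : ");
                    st = console_parse_number(65535, &n);
                } while (st == 0);
                if (st > 0)
                    delay = (u_short) n;
            }
        } else if (!strcmp("send", cmd)) {
            /* int, not u_char, so EOF is seen and ends the loop as "no" */
            do {
                printf("%sAre you sure? (y/n) >%s ", RED, WHITE);
                c = getchar();
            } while (c != EOF && c != 'y' && c != 'Y' && c != 'n' && c != 'N');

            if (c == 'y' || c == 'Y')
                sendpkg();
        } else if (!strcmp("quit", cmd)) {
            printf("%sGoodbye!%s\n\n", RED, WHITE);
            console_release_buffers();
            return 0;
        } else if (!strcmp("reset", cmd)) {
            clean_values();
            randomize();
            autoscan();
        } else if (!strcmp("about", cmd)) {
            printf("%s%s\n", RED, BANNER);
            printf("Author: Embyte (c) 2002-2003\n");
            printf("Contact: embyte@madlab.it\n");
            printf("Licensed under GPL domain\n\n");
            printf("Enjoy!%s\n", WHITE);
            getchar();
        } else if (!strcmp("help", cmd)) {
            printf("Numbers (1.2, 3.2, 2.2...) : modify corresponding field\n");
            printf("'send' : write packet on the net!\n");
            printf("'reset': reset default values\n");
            printf("'about': print version information\n");
            printf("'quit' : exit from program\n");
            printf("'help' : print this kiddie help\n\n");
            printf("Read README for more info (press a Key)");
            keystroke = getchar();
        } else
            printf("%sError: unknow command ('%s')!%s Type 'help' for available commands\n", RED, cmd, WHITE);
    }
}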
526
/* Menu section 1: Ethernet fields. */
static void menu_print_ethernet(void)
{
    printf("%s\tETHERNET FIELDS\n%s", RED, WHITE);
    printf("%s1.1%s INTERFACE \t\t\t: %s\n", GREEN, WHITE, device);
    printf("%s1.2%s SOURCE ADDRESS \t\t: %X:%X:%X:%X:%X:%X\n", GREEN, WHITE,
           seth[0], seth[1], seth[2], seth[3], seth[4], seth[5]);
    printf("%s1.3%s DESTINATION ADDRESS \t: %X:%X:%X:%X:%X:%X\n",GREEN, WHITE,
           deth[0], deth[1], deth[2], deth[3], deth[4], deth[5]);
    printf("%s1.4%s ETHERNET TYPE \t\t: %s\n", GREEN, WHITE, ethtype);
}

/* Menu section 2: IPv4 fields. */
static void menu_print_ip(void)
{
    printf("%s\tIP FIELDS\n%s", RED, WHITE);
    printf("%s2.1%s SOURCE ADDRESS \t\t: %s\n", GREEN, WHITE,
           libnet_addr2name4(shost, LIBNET_DONT_RESOLVE));
    printf("%s2.2%s DESTINATION ADDRESS \t: %s\n", GREEN, WHITE,
           libnet_addr2name4(dhost, LIBNET_DONT_RESOLVE));
    printf("%s2.3%s TIME TO LIVE \t\t: %d\n", GREEN, WHITE, ttl);
    printf("%s2.4%s ID NUMBER \t\t\t: %d\n", GREEN, WHITE, id);
    printf("%s2.5%s DIFFERENTIATED SERVICE \t: %d\n", GREEN, WHITE, ipv4_tos.dscp);
    printf("%s2.6%s ECN-CAPABLE TRANSPORT \t: %d\n", GREEN, WHITE, ipv4_tos.ecn_ct);
    printf("%s2.7%s ECN-CE \t\t\t: %d\n", GREEN, WHITE, ipv4_tos.ecn_ce);
}

/* Menu section 3: TCP fields. */
static void menu_print_tcp(void)
{
    printf("%s\tTCP FIELDS\n%s", RED, WHITE);
    printf("%s3.1%s SOURCE PORT \t\t: %d\n", GREEN, WHITE, sport);
    printf("%s3.2%s DESTINATION PORT \t\t: %d\n", GREEN, WHITE, dport);
    printf("%s3.3%s FLAGS \t\t\t: URG %d - RST %d\n", GREEN, WHITE, furg, frst);
    printf("\t\t\t\t: ACK %d - SYN %d\n", fack, fsyn);
    printf("\t\t\t\t: PSH %d - FIN %d\n", fpsh, ffin);
    printf("\t\t\t\t: CWR %d - ECE %d\n", fcwr, fece);
    printf("%s3.4%s SEQUENCE NUMBER \t\t: %lu\n", GREEN, WHITE, seq);
    printf("%s3.5%s ACKNOWLEDGEMENT NUMBER \t: %lu\n", GREEN, WHITE, ack);
    printf("%s3.6%s WINDOW SIZE \t\t: %d\n", GREEN, WHITE, win);
    printf("%s3.7%s URG POINTER \t\t: %d\n", GREEN, WHITE, urgp);
}

/* Menu section 4: payload, link-layer mode and repeated sending. */
static void menu_print_options(void)
{
    printf("%s\tOPTIONS\n%s", RED, WHITE);

    /* the payload text is printed only while datalen is non-zero */
    if (!datalen)
        printf("%s4.1%s PAYLOAD \t\t\t: (VOID) (0 byte)\n", GREEN, WHITE);
    else
        printf("%s4.1%s PAYLOAD \t\t\t: %s (%d byte)\n", GREEN, WHITE, data, datalen);

    if (!ll)
        printf("%s4.2%s LINK LAYER OPERATIONS \t: DISABLED\n",GREEN, WHITE);
    else
        printf("%s4.2%s LINK LAYER OPERATIONS \t: ENABLED\n", GREEN, WHITE);

    if (!multi)
        printf("%s4.3%s \"PSEUDO_FLOAD\" \t\t: DISABLED, SENDING 1 PACKET AT TIME\n", GREEN, WHITE);
    else
        printf("%s4.3%s \"PSEUDO_FLOAD\" \t\t: ENABLED: NUMBER = %lu ; DELAY = %dms\n", GREEN, WHITE, number, delay);
}

/*
 * Print the whole console menu: every editable field with its command number
 * and current value, grouped as Ethernet, IP, TCP and options.
 * Reads seth[0..5] and deth[0..5], so both must point to 6-byte buffers.
 */
void print_menu()
{
    printf("%s\n+------------------------------------------------+\n\n", GREEN);

    menu_print_ethernet();
    printf("\n");

    menu_print_ip();
    printf("\n");

    menu_print_tcp();
    printf("\n");

    menu_print_options();
    printf("\n");
}
580
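/*
 * Reset every packet field to its default value.
 *
 * Requires ethtype (4 bytes) and deth (6 bytes) to be allocated; the source
 * hardware address seth is not touched here.
 *
 * The payload pointer is cleared after it is freed.  Previously it was left
 * pointing at released memory, so a later "4.1", "quit" or exit_fail() freed
 * it a second time and sendpkg() could pass the stale pointer on.
 */
void clean_values()
{
    /* Ethernet defaults: type "ip" (0x0800), destination address all zero */
    memset(ethtype, 0, 4 * sizeof(u_char));
    memset(deth, 0, 6 * sizeof(u_char));
    evalue = 0x0800;
    memcpy(ethtype, "ip", sizeof "ip");

    /* IP defaults */
    shost = 0;
    dhost = 0;
    ttl = 64;
    id = 0;

    /* TCP defaults: only SYN is set */
    sport = 0;
    dport = 0;
    fsyn = 1;
    furg = 0;
    fack = 0;
    fpsh = 0;
    frst = 0;
    ffin = 0;
    win = 32767;

    /* ECN defaults */
    ipv4_tos.dscp = 0x02;
    ipv4_tos.ecn_ct = ipv4_tos.ecn_ce = 0;
    fcwr = 0;
    fece = 0;
    tos = 0x00;

    /* options: no link layer, no payload, one packet per send */
    ll = 0;

    free(data);
    data = NULL;
    datalen = 0;

    multi = 0;
    number = 0;
    delay = 0;
}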
624
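/*
 * Fill the IP id, the TCP sequence and acknowledgement numbers and the urgent
 * pointer with values from libnet's pseudo-random generator.
 *
 * A failed seeding is reported instead of being ignored: the generator would
 * then run unseeded and the values drawn from it would repeat across runs.
 *
 * NOTE(review): run_console() calls this before autoscan() creates a context
 * and autoscan() destroys its context again, so l does not look like a live
 * context at this point -- confirm what libnet_seed_prand() does with it.
 */
void randomize()
{
    if (libnet_seed_prand(l) == -1)
        fprintf(stderr, "Warning: could not seed the pseudo-random generator, "
                        "id/seq/ack/urgp may be predictable\n");

    id = (u_short) libnet_get_prand(LIBNET_PRu16);
    seq = libnet_get_prand(LIBNET_PRu32);
    ack = libnet_get_prand(LIBNET_PRu32);
    urgp = (u_short) libnet_get_prand(LIBNET_PRu16);
}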
634
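/*
 * Release the console buffers through exit_fail() and terminate.
 * exit_fail() itself returns to its caller, and autoscan() cannot go on
 * without a device, an address and the buffers exit_fail() has just freed.
 */
static void autoscan_fatal(void)
{
    exit_fail();
    exit(EXIT_FAILURE);
}

/*
 * Detect the default network device and copy its name, IPv4 address and
 * hardware address into device, shost and seth (seth must point to 6 bytes).
 * Any failure is fatal.
 *
 * The libnet context opened here is destroyed before returning, so l is not
 * usable afterwards until sendpkg() creates a new one.
 */
void autoscan()
{
    struct libnet_ether_addr *ethaddr;  /* tmp eth address */
    const char *name;
    int written;

    l = libnet_init(LIBNET_LINK, NULL, (char *) ebuf);
    if (l == NULL) {
        fprintf(stderr, "\nError creating libnet file context : %s", ebuf);
        fprintf(stderr, "Have you activated a non-loopback device like eth0? (man ifconfig)\n\n");
        autoscan_fatal();
    }

    /*
     * Check the returned pointer before copying: the old test compared the
     * device array itself with NULL, which can never be true.
     */
    name = (const char *) libnet_getdevice(l);
    if (name == NULL) {
        fprintf(stderr, "\nError: cannot get device name : %s\n", libnet_geterror(l));
        autoscan_fatal();
    }

    /* bounded copy: device holds at most sizeof device - 1 characters */
    memset(device, 0, sizeof device);
    written = snprintf(device, sizeof device, "%s", name);
    if (written < 0 || (size_t) written >= sizeof device)
        fprintf(stderr, "\nWarning: device name '%s' does not fit and was truncated to '%s'\n",
                name, device);

    /*
     * -1 signals failure; compare on the low 32 bits so the test holds
     * whether the address is carried in a 32-bit or a 64-bit integer.
     */
    shost = libnet_get_ipaddr4(l);
    if ((shost & 0xffffffffUL) == 0xffffffffUL) {
        fprintf(stderr, "\nError: autodetect device ip address failed: %s\n", libnet_geterror(l));
        autoscan_fatal();
    }

    ethaddr = libnet_get_hwaddr(l);
    if (ethaddr == NULL) {
        fprintf(stderr, "\nError: autodetect device MAC address failed: %s\n", libnet_geterror(l));
        autoscan_fatal();
    }

    memcpy(seth, ethaddr->ether_addr_octet, 6);

    /* close network descriptor */
    libnet_destroy(l);
}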
675
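/*
 * Release the console buffers through exit_fail() and terminate.
 * exit_fail() destroys the libnet context and frees the global buffers but
 * returns to its caller; carrying on in sendpkg() would use both after they
 * were released.
 */
static void sendpkg_fatal(void)
{
    exit_fail();
    exit(EXIT_FAILURE);
}

/*
 * Build the TCP/IPv4 packet (plus the Ethernet header in link-layer mode)
 * from the current field values and write it once, or "number" times with
 * "delay" ms between writes when multi is set.  Any libnet failure is fatal.
 */
void sendpkg()
{
    int w = 0;                  /* bytes written by the last libnet_write() */
    u_short flag = 0x00;
    u_long c = 0;
    /* ecn */
    u_short tos_dscp, tos_ecn_ct;

    /* control flags */
    if (ffin) flag |= TH_FIN;
    if (fsyn) flag |= TH_SYN;
    if (frst) flag |= TH_RST;
    if (fpsh) flag |= TH_PUSH;
    if (fack) flag |= TH_ACK;
    if (furg) flag |= TH_URG;
    if (fece) flag |= TH_ECE;
    if (fcwr) flag |= TH_CWR;

    /* rebuild IPv4 tos field: DSCP in the upper six bits, then ECT, then CE */
    tos_dscp = ipv4_tos.dscp << 2;
    tos_ecn_ct = ipv4_tos.ecn_ct << 1;
    tos = tos_dscp | tos_ecn_ct | ipv4_tos.ecn_ce;

    printf("\n");

    /* link-layer mode injects on the chosen device, otherwise a raw IPv4 socket is used */
    if (ll)
        l = libnet_init(LIBNET_LINK, device, (char *) ebuf);
    else
        l = libnet_init(LIBNET_RAW4, NULL, (char *) ebuf);

    if (l == NULL) {
        fprintf(stderr, "Error creating libnet file context : %s", ebuf);
        sendpkg_fatal();
    }

    printf("%s* Libnet file context created\n", GREEN);

    /* TCP */
    if (libnet_build_tcp(sport, dport,
                         seq, ack,
                         flag,
                         win,
                         0,
                         urgp,
                         LIBNET_TCP_H + datalen,
                         data,
                         datalen,
                         l, 0) == -1) {
        fprintf(stderr,"Error during TCP header creation : %s\n", libnet_geterror(l));
        sendpkg_fatal();
    }
    printf("* TCP header build\n");

    /* IP */
    if (libnet_build_ipv4(LIBNET_TCP_H + LIBNET_IPV4_H + datalen,
                          tos,
                          id,
                          0,
                          ttl,
                          IPPROTO_TCP,
                          0,
                          shost, dhost,
                          NULL, 0, l, 0) == -1) {
        fprintf(stderr, "Error during IP header creation : %s\n", libnet_geterror(l));
        sendpkg_fatal();
    }
    printf("* IP header build\n");

    /* ETH */
    if (ll) {
        if (libnet_build_ethernet(deth, seth,
                                  evalue,
                                  NULL, 0, l, 0) == -1) {
            fprintf(stderr, "Error during ethernet header creation : %s\n", libnet_geterror(l));
            sendpkg_fatal();
        }
        printf("* Ethernet frame build\n");
    }

    if (multi) {
        printf("** Writing %lu packets (delay = %d ms): ", number, delay);
        fflush(stdout);
        for (c = 0; c < number; c++) {
            w = libnet_write(l);
            if (w == -1) {
                fprintf(stderr, "Error: %s", libnet_geterror(l));
                sendpkg_fatal();
            }
            printf(". ");
            fflush(stdout);
            usleep(delay * 1000);   /* delay is in ms, usleep() takes microseconds */
        }
        printf("%sDonE! (%lu * %d byte)%s\n", RED, number, w, WHITE);
    } else {
        w = libnet_write(l);
        if (w == -1) {
            fprintf(stderr, "Error: %s", libnet_geterror(l));
            sendpkg_fatal();
        }
        printf("%s** Packet has been correctly send (total %d bytes) %s\n", RED, w, WHITE);
    }

    /* at the end we close libnet context */
    libnet_destroy(l);
    keystroke = getchar();
    printf("%s", WHITE);
}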
800
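/*
 * Failure cleanup: destroy the libnet context and free every console buffer.
 *
 * Returns -1.  This function does NOT terminate the process; a caller must
 * stop using l and the buffers once it has been called.  Each pointer is
 * cleared after release, so a second call or a later "if (ptr)" test cannot
 * reach freed memory.
 */
int exit_fail()
{
    libnet_destroy(l);
    l = NULL;

    free(cmd);
    cmd = NULL;
    free(value);
    value = NULL;
    free(seth);
    seth = NULL;
    free(deth);
    deth = NULL;
    free(data);
    data = NULL;
    free(ethtype);
    ethtype = NULL;

    return -1;
}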
812
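/*
 * Print a printf-style prompt, then read one line from stdin into *in.
 *
 * in      address of the line buffer; *in must be NULL or a pointer obtained
 *         from malloc/realloc.  It is resized here and the caller frees it.
 * format  printf-style prompt, followed by its arguments.
 *
 * At most 1024 characters are stored; the rest of a longer line stays in
 * stdin.  The stored text is always NUL-terminated, without the newline.
 * End-of-file ends the line like a newline does, so *in is the empty string
 * when stdin is exhausted.  If memory cannot be obtained the old buffer is
 * freed and *in is set to NULL.
 */
void print_getline (char **in, const char *format, ...)
{
    enum { PRINT_GETLINE_MAX = 1024 };  /* stop here to prevent DoS */
    va_list ap;
    size_t length = 0;
    char *s;
    int c;                              /* int, so EOF differs from any character */

    /* Write formatted output to stdout */
    va_start(ap, format);
    vprintf(format, ap);
    va_end(ap);
    fflush(stdout);

    /* one allocation that always has room for the terminator */
    s = realloc(*in, PRINT_GETLINE_MAX + 1);
    if (s == NULL) {
        free(*in);
        *in = NULL;
        return;
    }

    while (length < PRINT_GETLINE_MAX) {
        c = getchar();
        if (c == EOF || c == '\n')
            break;
        s[length++] = (char) c;
    }
    s[length] = '\0';

    *in = s;
}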
842