/*
 * $smu-mark$
 * $name: main.c$
 * $author: Salvatore Sanfilippo <antirez@invece.org>$
 * $copyright: Copyright (C) 1999 by Salvatore Sanfilippo$
 * $license: This software is under GPL version 2 of license$
 * $date: Fri Nov 5 11:55:48 MET 1999$
 * $rev: 8$
 */

/*
 * hping official page at http://www.kyuzz.org/antirez
 * Covered by GPL version 2, read the COPYING file for more information
 */

/* $Id: main.c,v 1.26 2003/08/07 23:55:55 antirez Exp $ */
18 #include <unistd.h>
19 #include <string.h>
20 #include <stdio.h>
21 #include <stdlib.h>
22 #include <sys/socket.h>
23 #include <netinet/in.h>
24 #include <arpa/inet.h>
25 #include <signal.h>
26 #include <time.h>
27 #include <sys/time.h>
28 #include <sys/types.h>
30 #include "hping2.h"
32 #if (!defined OSTYPE_LINUX) || (defined FORCE_LIBPCAP)
33 #include <pcap.h>
34 #endif /* ! OSTYPE_LINUX || FORCE_LIBPCAP */
/* globals */

/*
 * Process-wide state shared between main.c and the other translation units
 * (all of these have external linkage; nothing here is static).  The opt_*
 * integers are on/off switches that main() expects to be filled in by
 * parse_options() before it reads them.  Zero-initialised storage is relied
 * upon for every object without an explicit initialiser.
 */

/* --- TCP / IP header knobs --- */
unsigned int tcp_th_flags = 0;            /* TCP flag bits to set (TH_*) */
unsigned int linkhdr_size;                /* physical layer header size */
unsigned int ip_tos = 0;
unsigned int set_seqnum = FALSE;
unsigned int tcp_seqnum = FALSE;
unsigned int set_ack;
unsigned int h_if_mtu;                    /* MTU of the interface in use */
unsigned int virtual_mtu = DEFAULT_VIRTUAL_MTU;
unsigned int ip_frag_offset = 0;
unsigned int signlen;
unsigned int lsr_length = 0;
unsigned int ssr_length = 0;
unsigned int tcp_ack;

unsigned short int data_size = 0;         /* payload bytes per packet */

/* --- round trip time statistics --- */
float rtt_min = 0;
float rtt_max = 0;
float rtt_avg = 0;

/* --- sockets and packet counters --- */
int sockpacket;
int sockraw;
int sent_pkt = 0;
int recv_pkt = 0;
int out_of_sequence_pkt = 0;
int sending_wait = DEFAULT_SENDINGWAIT;   /* see DEFAULT_SENDINGWAIT */

/* --- command line switches --- */
int opt_rawipmode = FALSE;
int opt_icmpmode = FALSE;
int opt_udpmode = FALSE;
int opt_scanmode = FALSE;
int opt_listenmode = FALSE;
int opt_waitinusec = FALSE;
int opt_numeric = FALSE;
int opt_gethost = TRUE;
int opt_quiet = FALSE;
int opt_relid = FALSE;
int opt_fragment = FALSE;
int opt_df = FALSE;
int opt_mf = FALSE;
int opt_debug = FALSE;
int opt_verbose = FALSE;
int opt_winid_order = FALSE;
int opt_keepstill = FALSE;
int opt_datafromfile = FALSE;
int opt_hexdump = FALSE;
int opt_contdump = FALSE;
int opt_sign = FALSE;
int opt_safe = FALSE;
int opt_end = FALSE;
int opt_traceroute = FALSE;
int opt_seqnum = FALSE;
int opt_incdport = FALSE;
int opt_force_incdport = FALSE;
int opt_icmptype = DEFAULT_ICMP_TYPE;
int opt_icmpcode = DEFAULT_ICMP_CODE;
int opt_rroute = FALSE;
int opt_tcpexitcode = FALSE;
int opt_badcksum = FALSE;
int opt_tr_keep_ttl = FALSE;
int opt_tcp_timestamp = FALSE;
int opt_tr_stop = FALSE;
int opt_tr_no_rtt = FALSE;
int opt_rand_dest = FALSE;
int opt_rand_source = FALSE;
int opt_lsrr = FALSE;
int opt_ssrr = FALSE;
int opt_cplt_rte = FALSE;
int opt_force_icmp = FALSE;

/* --- per-run parameters --- */
int tcp_exitcode = 0;
int src_ttl = DEFAULT_TTL;
int src_id = -1;                          /* -1: random */
int base_dst_port = DEFAULT_DPORT;
int dst_port = DEFAULT_DPORT;
int src_port;
int sequence = 0;
int initsport = DEFAULT_INITSPORT;
int src_winsize = DEFAULT_SRCWINSIZE;
int src_thoff = (TCPHDR_SIZE >> 2);       /* TCP data offset, in 32-bit words */
int count = DEFAULT_COUNT;
int ctrlzbind = DEFAULT_BIND;
int delaytable_index = 0;
int eof_reached = FALSE;

/* --- fields of the IP header embedded in crafted ICMP errors --- */
int icmp_ip_version = DEFAULT_ICMP_IP_VERSION;
int icmp_ip_ihl = DEFAULT_ICMP_IP_IHL;
int icmp_ip_tos = DEFAULT_ICMP_IP_TOS;
int icmp_ip_tot_len = DEFAULT_ICMP_IP_TOT_LEN;
int icmp_ip_id = DEFAULT_ICMP_IP_ID;
int icmp_ip_protocol = DEFAULT_ICMP_IP_PROTOCOL;
int icmp_ip_srcport = DEFAULT_DPORT;
int icmp_ip_dstport = DEFAULT_DPORT;
int icmp_cksum = DEFAULT_ICMP_CKSUM;
int raw_ip_protocol = DEFAULT_RAW_IP_PROTOCOL;

/* --- textual names and addresses --- */
char datafilename[1024];
char targetname[1024];
char targetstraddr[1024];
char ifname[1024] = {'\0'};
char ifstraddr[1024];
char spoofaddr[1024];
char icmp_ip_srcip[1024];
char icmp_ip_dstip[1024];
char icmp_gwip[1024];
char sign[1024];
char rsign[1024];                         /* reverse sign (hping -> gniph) */
char ip_opt[40];
char *opt_scanports = "";

/* --- source routing options --- */
unsigned char lsr[255] = {0};
unsigned char ssr[255] = {0};

unsigned ip_optlen = 0;

/* --- resolved addresses --- */
struct sockaddr_in icmp_ip_src;
struct sockaddr_in icmp_ip_dst;
struct sockaddr_in icmp_gw;
struct sockaddr_in local;
struct sockaddr_in remote;

struct itimerval usec_delay;
volatile struct delaytable_element delaytable[TABLESIZE];

/* global pointer used by send_hcmp to transfer hcmp headers to data_handler */
struct hcmphdr *hcmphdr_p;

#if (!defined OSTYPE_LINUX) || (defined FORCE_LIBPCAP)
/* libpcap capture state, only when the Linux packet socket is not used */
pcap_t *pcapfp;
char errbuf[PCAP_ERRBUF_SIZE];
struct pcap_pkthdr hdr;
#endif /* ! OSTYPE_LINUX || FORCE_LIBPCAP */
175
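/* main */

/*
 * Build the reversed copy of the signature (`sign` -> `rsign`, e.g.
 * "hping" -> "gniph").  The copy is made by index so that an empty
 * signature never produces a pointer before the start of the array
 * (`sign + strlen(sign) - 1` did exactly that when the length was 0, which
 * is undefined behaviour even though the loop body never ran).
 */
static void reverse_sign(void)
{
	size_t len = strlen(sign);
	size_t i;

	for (i = 0; i < len; i++)
		rsign[i] = sign[len - 1 - i];
	rsign[len] = '\0';
	if (opt_debug)
		printf("DEBUG: reverse sign: %s\n", rsign);
}

/*
 * Ask the project's memlockall() wrapper to keep the process resident in
 * RAM.  Failure only produces a warning: the run continues with paging
 * enabled.  Shared by listen mode and by the data-from-file / signature
 * modes, which used to duplicate this code.
 */
static void lock_memory(void)
{
	if (memlockall() == -1) {
		perror("[main] memlockall()");
		fprintf(stderr, "Warning: can't disable memory paging!\n");
	} else if (opt_verbose || opt_debug) {
		printf("Memory paging disabled\n");
	}
}

/*
 * Append `text` to the NUL-terminated string in `buf` without writing past
 * `size` bytes; snprintf() always terminates the result.
 */
static void append_text(char *buf, size_t size, const char *text)
{
	size_t used = strlen(buf);

	if (used < size)
		snprintf(buf + used, size - used, "%s", text);
}

/*
 * Describe the sending mode in `setflags` (shown in the HPING banner) and
 * return the combined size of the IP header and the transport header that
 * precede the payload.
 *
 * `setflags` must contain an empty string on entry and be at least `size`
 * bytes long.
 */
static int describe_mode(char *setflags, size_t size)
{
	int hdr_size;

	if (opt_rawipmode) {
		append_text(setflags, size, "raw IP mode");
		hdr_size = IPHDR_SIZE;
	} else if (opt_icmpmode) {
		append_text(setflags, size, "icmp mode");
		hdr_size = IPHDR_SIZE + ICMPHDR_SIZE;
	} else if (opt_udpmode) {
		append_text(setflags, size, "udp mode");
		hdr_size = IPHDR_SIZE + UDPHDR_SIZE;
	} else {
		/* TCP: one letter per flag, in the order hping has always printed them */
		static const struct {
			unsigned int bit;
			const char *letter;
		} flags[] = {
			{ TH_RST, "R" }, { TH_SYN, "S" }, { TH_ACK, "A" }, { TH_FIN, "F" },
			{ TH_PUSH, "P" }, { TH_URG, "U" }, { TH_X, "X" }, { TH_Y, "Y" },
		};
		size_t i;

		for (i = 0; i < sizeof flags / sizeof flags[0]; i++) {
			if (tcp_th_flags & flags[i].bit)
				append_text(setflags, size, flags[i].letter);
		}
		if (setflags[0] == '\0')
			append_text(setflags, size, "NO FLAGS are");
		hdr_size = IPHDR_SIZE + TCPHDR_SIZE;
	}
	return hdr_size;
}

/*
 * Program entry point: parse the command line, resolve addresses, open the
 * raw (send) and packet/pcap (receive) sockets, install the signal handlers
 * that drive sending, then either hand over to listenmain()/scanmain() or
 * loop on wait_packet() forever.  Exits with status 1 on any setup failure.
 */
int main(int argc, char **argv)
{
	char setflags[1024] = {'\0'};
	int c, hdr_size;

	if (parse_options(argc, argv) == -1) {
		printf("hping2: missing host argument\n"
		       "Try `hping2 --help' for more information.\n");
		exit(1);
	}

	/* reverse sign */
	if (opt_sign || opt_listenmode)
		reverse_sign();

	/* get target address before interface processing */
	if ((!opt_listenmode && !opt_safe) && !opt_rand_dest)
		resolve((struct sockaddr*)&remote, targetname);

	/* with random destinations the target name is kept verbatim */
	if (opt_rand_dest) {
		strlcpy(targetstraddr, targetname, sizeof(targetstraddr));
	} else {
		strlcpy(targetstraddr, inet_ntoa(remote.sin_addr),
			sizeof(targetstraddr));
	}

	/* get interface's name and address */
	if (get_if_name() == -1) {
		printf("[main] no such device\n");
		exit(1);
	}

	if (opt_verbose || opt_debug) {
		printf("using %s, addr: %s, MTU: %d\n",
			ifname, ifstraddr, h_if_mtu);
	}

	/* open raw socket */
	sockraw = open_sockraw();
	if (sockraw == -1) {
		printf("[main] can't open raw socket\n");
		exit(1);
	}

	/* set SO_BROADCAST option */
	socket_broadcast(sockraw);
	/* set SO_IPHDRINCL option */
	socket_iphdrincl(sockraw);

	/* open sock packet or libpcap socket */
#if (defined OSTYPE_LINUX) && (!defined FORCE_LIBPCAP)
	sockpacket = open_sockpacket();
	if (sockpacket == -1) {
		printf("[main] can't open packet socket\n");
		exit(1);
	}
#else
	if (open_pcap() == -1) {
		printf("[main] open_pcap failed\n");
		exit(1);
	}
#endif /* OSTYPE_LINUX && !FORCE_LIBPCAP */

	/* get physical layer header size */
	if (get_linkhdr_size(ifname) == -1) {
		printf("[main] physical layer header size unknown\n");
		exit(1);
	}

	/* local address: the interface's own unless a spoofed source was given */
	if (spoofaddr[0] == '\0')
		resolve((struct sockaddr*)&local, ifstraddr);
	else
		resolve((struct sockaddr*)&local, spoofaddr);

	/* defaults for the IP header carried inside crafted ICMP errors */
	if (icmp_ip_srcip[0] == '\0')
		resolve((struct sockaddr*)&icmp_ip_src, "1.2.3.4");
	else
		resolve((struct sockaddr*)&icmp_ip_src, icmp_ip_srcip);

	if (icmp_ip_dstip[0] == '\0')
		resolve((struct sockaddr*)&icmp_ip_dst, "5.6.7.8");
	else
		resolve((struct sockaddr*)&icmp_ip_dst, icmp_ip_dstip);

	if (icmp_gwip[0] == '\0')
		resolve((struct sockaddr*)&icmp_gw, "0.0.0.0");
	else
		resolve((struct sockaddr*)&icmp_gw, icmp_gwip);

	/*
	 * NOTE(review): rand() seeded from the wall clock is predictable from the
	 * start time.  That is adequate for picking a default source port below,
	 * but nothing that needs to be unguessable should be derived from it.
	 */
	srand(time(NULL));

	/* set initial source port */
	if (initsport == -1)
		initsport = src_port = 1024 + (rand() % 2000);
	else
		src_port = initsport;

	/* -1 marks a free delay-table slot */
	for (c = 0; c < TABLESIZE; c++)
		delaytable[c].seq = -1;

	/* use SIGALRM to send packets like ping do */
	Signal(SIGALRM, send_packet);

	/* binding */
	if (ctrlzbind != BIND_NONE) Signal(SIGTSTP, inc_destparm);
	Signal(SIGINT, print_statistics);
	Signal(SIGTERM, print_statistics);

	/* if we are in listen mode enter listenmain(), else */
	/* print the HPING banner and enter wait_packet() */
	if (opt_listenmode) {
		fprintf(stderr, "hping2 listen mode\n");

		/* memory protection */
		lock_memory();
		listenmain();
		/* UNREACHED */
	}

	/* Scan mode */
	if (opt_scanmode) {
		fprintf(stderr, "Scanning %s (%s), port %s\n",
			targetname, targetstraddr, opt_scanports);
		scanmain();
		/* UNREACHED */
	}

	hdr_size = describe_mode(setflags, sizeof(setflags));

	printf("HPING %s (%s %s): %s set, %d headers + %d data bytes\n",
		targetname,
		ifname,
		targetstraddr,
		setflags,
		hdr_size,
		data_size);

	/* memory protection */
	if (opt_datafromfile || opt_sign)
		lock_memory();

	/* start packet sending: deliver SIGALRM to ourselves, send_packet handles it */
	kill(getpid(), SIGALRM);

	/* main loop; never exits, so the return below is not reached */
	while (1)
		wait_packet();

	return 0;
}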