metasploit-framework/modules/auxiliary/test/ip_spoof.rb

##
# $Id$
##

##
# This file is part of the Metasploit Framework and may be subject to 
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##


require 'msf/core'
require 'racket'

class Metasploit3 < Msf::Auxiliary

	include Msf::Exploit::Capture
	include Msf::Auxiliary::Scanner
		
	def initialize
		super(
			'Name'        => 'Simple IP Spoofing Tester',
			'Version'     => '$Revision$',
			'Description' => 'Simple IP Spoofing Tester',
			'Author'      => 'hdm',
			'License'     => MSF_LICENSE
		)
	end

	def run_host(ip)
		print_status("#{ip}: Sending a packet to #{ip} from #{ip}")
		
		n = Racket::Racket.new

		n.l3 = Racket::L3::IPv4.new
		n.l3.src_ip = ip
		n.l3.dst_ip = ip
		n.l3.protocol = 17
		n.l3.id = 0xdead
		n.l3.ttl = 255
				
		n.l4 = Racket::L4::UDP.new
		n.l4.src_port = 53
		n.l4.dst_port = 53
		n.l4.payload  = "HELLO WORLD"
		
		n.l4.fix!(n.l3.src_ip, n.l3.dst_ip)	
	
		buff = n.pack
		ret = send(ip,buff)
		if ret == :done
			print_good("#{ip}: Sent a packet to #{ip} from #{ip}")
		else
			print_error("#{ip}: Packet not sent. Check permissions & interface.")
		end
	end

	def send(ip,buff)
		begin
			open_pcap
			dst_mac,src_mac = lookup_eth
			inject_eth(:payload => buff, 
								 :eth_daddr => dst_mac,
								 :eth_saddr => src_mac
								)
			close_pcap
		rescue RuntimeError => e
			return :error
		end
		return :done
	end

	
end
Adds a new module that demonstrates IP spoofing. git-svn-id: file:///home/svn/framework3/trunk@5567 4d416f70-5f16-0410-b530-b9f4589650da 2008-07-22 19:37:05 +00:00			`##`
Set property 'svn:keywords' git-svn-id: file:///home/svn/framework3/trunk@5783 4d416f70-5f16-0410-b530-b9f4589650da 2008-10-23 02:43:21 +00:00			`# $Id$`
Adds a new module that demonstrates IP spoofing. git-svn-id: file:///home/svn/framework3/trunk@5567 4d416f70-5f16-0410-b530-b9f4589650da 2008-07-22 19:37:05 +00:00			`##`

			`##`
			`# This file is part of the Metasploit Framework and may be subject to`
			`# redistribution and commercial restrictions. Please see the Metasploit`
			`# Framework web site for more information on licensing and terms of use.`
replacing defunct framework URL in header comments in most modules and pcap_log git-svn-id: file:///home/svn/framework3/trunk@6479 4d416f70-5f16-0410-b530-b9f4589650da 2009-04-13 14:33:26 +00:00			`# http://metasploit.com/framework/`
Adds a new module that demonstrates IP spoofing. git-svn-id: file:///home/svn/framework3/trunk@5567 4d416f70-5f16-0410-b530-b9f4589650da 2008-07-22 19:37:05 +00:00			`##`


			`require 'msf/core'`
Overhaul of all modules to use racket instead of scruby/packetfu git-svn-id: file:///home/svn/framework3/trunk@6823 4d416f70-5f16-0410-b530-b9f4589650da 2009-07-17 20:36:40 +00:00			`require 'racket'`
Adds a new module that demonstrates IP spoofing. git-svn-id: file:///home/svn/framework3/trunk@5567 4d416f70-5f16-0410-b530-b9f4589650da 2008-07-22 19:37:05 +00:00
This massive commit changes the metasploit 3 module format. The new syntax allows for greater scalability and future improvements to the metasploit module loader. This change also makes it easier for users to add new modules, since the class name no longer needs to match the directory structure. git-svn-id: file:///home/svn/framework3/trunk@5709 4d416f70-5f16-0410-b530-b9f4589650da 2008-10-02 05:23:59 +00:00			`class Metasploit3 < Msf::Auxiliary`
Adds a new module that demonstrates IP spoofing. git-svn-id: file:///home/svn/framework3/trunk@5567 4d416f70-5f16-0410-b530-b9f4589650da 2008-07-22 19:37:05 +00:00
See #782. This introduces some inject methods to the Capture mixin, and edits the ip_spoof module to take advantage of them. git-svn-id: file:///home/svn/framework3/trunk@8237 4d416f70-5f16-0410-b530-b9f4589650da 2010-01-26 06:38:41 +00:00			`include Msf::Exploit::Capture`
This massive commit changes the metasploit 3 module format. The new syntax allows for greater scalability and future improvements to the metasploit module loader. This change also makes it easier for users to add new modules, since the class name no longer needs to match the directory structure. git-svn-id: file:///home/svn/framework3/trunk@5709 4d416f70-5f16-0410-b530-b9f4589650da 2008-10-02 05:23:59 +00:00			`include Msf::Auxiliary::Scanner`
Adds a new module that demonstrates IP spoofing. git-svn-id: file:///home/svn/framework3/trunk@5567 4d416f70-5f16-0410-b530-b9f4589650da 2008-07-22 19:37:05 +00:00
			`def initialize`
			`super(`
			`'Name' => 'Simple IP Spoofing Tester',`
Set property 'svn:keywords' git-svn-id: file:///home/svn/framework3/trunk@5783 4d416f70-5f16-0410-b530-b9f4589650da 2008-10-23 02:43:21 +00:00			`'Version' => '$Revision$',`
Adds a new module that demonstrates IP spoofing. git-svn-id: file:///home/svn/framework3/trunk@5567 4d416f70-5f16-0410-b530-b9f4589650da 2008-07-22 19:37:05 +00:00			`'Description' => 'Simple IP Spoofing Tester',`
			`'Author' => 'hdm',`
			`'License' => MSF_LICENSE`
			`)`
			`end`

			`def run_host(ip)`
See #782. This introduces some inject methods to the Capture mixin, and edits the ip_spoof module to take advantage of them. git-svn-id: file:///home/svn/framework3/trunk@8237 4d416f70-5f16-0410-b530-b9f4589650da 2010-01-26 06:38:41 +00:00			`print_status("#{ip}: Sending a packet to #{ip} from #{ip}")`
Adds a new module that demonstrates IP spoofing. git-svn-id: file:///home/svn/framework3/trunk@5567 4d416f70-5f16-0410-b530-b9f4589650da 2008-07-22 19:37:05 +00:00
Overhaul of all modules to use racket instead of scruby/packetfu git-svn-id: file:///home/svn/framework3/trunk@6823 4d416f70-5f16-0410-b530-b9f4589650da 2009-07-17 20:36:40 +00:00			`n = Racket::Racket.new`

Updates to match the new Racket namespace git-svn-id: file:///home/svn/framework3/trunk@8026 4d416f70-5f16-0410-b530-b9f4589650da 2009-12-29 23:32:50 +00:00			`n.l3 = Racket::L3::IPv4.new`
Overhaul of all modules to use racket instead of scruby/packetfu git-svn-id: file:///home/svn/framework3/trunk@6823 4d416f70-5f16-0410-b530-b9f4589650da 2009-07-17 20:36:40 +00:00			`n.l3.src_ip = ip`
			`n.l3.dst_ip = ip`
			`n.l3.protocol = 17`
			`n.l3.id = 0xdead`
			`n.l3.ttl = 255`

Updates to match the new Racket namespace git-svn-id: file:///home/svn/framework3/trunk@8026 4d416f70-5f16-0410-b530-b9f4589650da 2009-12-29 23:32:50 +00:00			`n.l4 = Racket::L4::UDP.new`
Overhaul of all modules to use racket instead of scruby/packetfu git-svn-id: file:///home/svn/framework3/trunk@6823 4d416f70-5f16-0410-b530-b9f4589650da 2009-07-17 20:36:40 +00:00			`n.l4.src_port = 53`
			`n.l4.dst_port = 53`
			`n.l4.payload = "HELLO WORLD"`

			`n.l4.fix!(n.l3.src_ip, n.l3.dst_ip)`

			`buff = n.pack`
See #782. This introduces some inject methods to the Capture mixin, and edits the ip_spoof module to take advantage of them. git-svn-id: file:///home/svn/framework3/trunk@8237 4d416f70-5f16-0410-b530-b9f4589650da 2010-01-26 06:38:41 +00:00			`ret = send(ip,buff)`
			`if ret == :done`
			`print_good("#{ip}: Sent a packet to #{ip} from #{ip}")`
			`else`
			`print_error("#{ip}: Packet not sent. Check permissions & interface.")`
			`end`
			`end`

			`def send(ip,buff)`
			`begin`
			`open_pcap`
			`dst_mac,src_mac = lookup_eth`
			`inject_eth(:payload => buff,`
			`:eth_daddr => dst_mac,`
			`:eth_saddr => src_mac`
			`)`
			`close_pcap`
			`rescue RuntimeError => e`
			`return :error`
			`end`
			`return :done`
Adds a new module that demonstrates IP spoofing. git-svn-id: file:///home/svn/framework3/trunk@5567 4d416f70-5f16-0410-b530-b9f4589650da 2008-07-22 19:37:05 +00:00			`end`


Overhaul of all modules to use racket instead of scruby/packetfu git-svn-id: file:///home/svn/framework3/trunk@6823 4d416f70-5f16-0410-b530-b9f4589650da 2009-07-17 20:36:40 +00:00			`end`