infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Closes #297. Switches to the dnet headers for the sniffer packet decodes 

git-svn-id: file:///home/svn/framework3/trunk@6822 4d416f70-5f16-0410-b530-b9f4589650da
unstable
HD Moore 2009-07-17 19:39:31 +00:00
parent ed05516b9f
commit 5577fac39e
18 changed files with 1766 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
external/source/meterpreter/source/extensions/sniffer/dnet.h vendored Normal file
View File

@ -0,0 +1,31 @@
/*
* dnet.h
*
* Copyright (c) 2001 Dug Song <dugsong@monkey.org>
*
* $Id: dnet.h,v 1.6 2004/09/10 03:10:01 dugsong Exp $
*/
#ifndef DNET_H
#define DNET_H
#include <dnet/os.h>
#include <dnet/eth.h>
#include <dnet/ip.h>
#include <dnet/ip6.h>
#include <dnet/addr.h>
#include <dnet/arp.h>
#include <dnet/icmp.h>
#include <dnet/tcp.h>
#include <dnet/udp.h>
#include <dnet/intf.h>
#include <dnet/route.h>
#include <dnet/fw.h>
#include <dnet/tun.h>
#include <dnet/blob.h>
#include <dnet/rand.h>
#endif /* DNET_H */

67
external/source/meterpreter/source/extensions/sniffer/dnet/addr.h vendored Normal file
View File

@ -0,0 +1,67 @@
/*
* addr.h
*
* Network address operations.
*
* Copyright (c) 2000 Dug Song <dugsong@monkey.org>
*
* $Id: addr.h,v 1.12 2003/02/27 03:44:55 dugsong Exp $
*/
#ifndef DNET_ADDR_H
#define DNET_ADDR_H
#define ADDR_TYPE_NONE 0 /* No address set */
#define ADDR_TYPE_ETH 1 /* Ethernet */
#define ADDR_TYPE_IP 2 /* Internet Protocol v4 */
#define ADDR_TYPE_IP6 3 /* Internet Protocol v6 */
struct addr {
uint16_t addr_type;
uint16_t addr_bits;
union {
eth_addr_t __eth;
ip_addr_t __ip;
ip6_addr_t __ip6;
uint8_t __data8[16];
uint16_t __data16[8];
uint32_t __data32[4];
} __addr_u;
};
#define addr_eth __addr_u.__eth
#define addr_ip __addr_u.__ip
#define addr_ip6 __addr_u.__ip6
#define addr_data8 __addr_u.__data8
#define addr_data16 __addr_u.__data16
#define addr_data32 __addr_u.__data32
#define addr_pack(addr, type, bits, data, len) do { \
(addr)->addr_type = type; \
(addr)->addr_bits = bits; \
memmove((addr)->addr_data8, (char *)data, len); \
} while (0)
__BEGIN_DECLS
int addr_cmp(const struct addr *a, const struct addr *b);
int addr_bcast(const struct addr *a, struct addr *b);
int addr_net(const struct addr *a, struct addr *b);
char *addr_ntop(const struct addr *src, char *dst, size_t size);
int addr_pton(const char *src, struct addr *dst);
char *addr_ntoa(const struct addr *a);
#define addr_aton addr_pton
int addr_ntos(const struct addr *a, struct sockaddr *sa);
int addr_ston(const struct sockaddr *sa, struct addr *a);
int addr_btos(uint16_t bits, struct sockaddr *sa);
int addr_stob(const struct sockaddr *sa, uint16_t *bits);
int addr_btom(uint16_t bits, void *mask, size_t size);
int addr_mtob(const void *mask, size_t size, uint16_t *bits);
__END_DECLS
#endif /* DNET_ADDR_H */

103
external/source/meterpreter/source/extensions/sniffer/dnet/arp.h vendored Normal file
View File

@ -0,0 +1,103 @@
/*
* arp.h
*
* Address Resolution Protocol.
* RFC 826
*
* Copyright (c) 2000 Dug Song <dugsong@monkey.org>
*
* $Id: arp.h,v 1.12 2003/03/16 17:39:17 dugsong Exp $
*/
#ifndef DNET_ARP_H
#define DNET_ARP_H
#define ARP_HDR_LEN 8 /* base ARP header length */
#define ARP_ETHIP_LEN 20 /* base ARP message length */
#ifndef __GNUC__
# define __attribute__(x)
# pragma pack(1)
#endif
/*
* ARP header
*/
struct arp_hdr {
uint16_t ar_hrd; /* format of hardware address */
uint16_t ar_pro; /* format of protocol address */
uint8_t ar_hln; /* length of hardware address (ETH_ADDR_LEN) */
uint8_t ar_pln; /* length of protocol address (IP_ADDR_LEN) */
uint16_t ar_op; /* operation */
};
/*
* Hardware address format
*/
#define ARP_HRD_ETH 0x0001 /* ethernet hardware */
#define ARP_HRD_IEEE802 0x0006 /* IEEE 802 hardware */
/*
* Protocol address format
*/
#define ARP_PRO_IP 0x0800 /* IP protocol */
/*
* ARP operation
*/
#define ARP_OP_REQUEST 1 /* request to resolve ha given pa */
#define ARP_OP_REPLY 2 /* response giving hardware address */
#define ARP_OP_REVREQUEST 3 /* request to resolve pa given ha */
#define ARP_OP_REVREPLY 4 /* response giving protocol address */
/*
* Ethernet/IP ARP message
*/
struct arp_ethip {
uint8_t ar_sha[ETH_ADDR_LEN]; /* sender hardware address */
uint8_t ar_spa[IP_ADDR_LEN]; /* sender protocol address */
uint8_t ar_tha[ETH_ADDR_LEN]; /* target hardware address */
uint8_t ar_tpa[IP_ADDR_LEN]; /* target protocol address */
};
/*
* ARP cache entry
*/
struct arp_entry {
struct addr arp_pa; /* protocol address */
struct addr arp_ha; /* hardware address */
};
#ifndef __GNUC__
# pragma pack()
#endif
#define arp_pack_hdr_ethip(hdr, op, sha, spa, tha, tpa) do { \
struct arp_hdr *pack_arp_p = (struct arp_hdr *)(hdr); \
struct arp_ethip *pack_ethip_p = (struct arp_ethip *) \
((uint8_t *)(hdr) + ARP_HDR_LEN); \
pack_arp_p->ar_hrd = htons(ARP_HRD_ETH); \
pack_arp_p->ar_pro = htons(ARP_PRO_IP); \
pack_arp_p->ar_hln = ETH_ADDR_LEN; \
pack_arp_p->ar_pln = IP_ADDR_LEN; \
pack_arp_p->ar_op = htons(op); \
memmove(pack_ethip_p->ar_sha, &(sha), ETH_ADDR_LEN); \
memmove(pack_ethip_p->ar_spa, &(spa), IP_ADDR_LEN); \
memmove(pack_ethip_p->ar_tha, &(tha), ETH_ADDR_LEN); \
memmove(pack_ethip_p->ar_tpa, &(tpa), IP_ADDR_LEN); \
} while (0)
typedef struct arp_handle arp_t;
typedef int (*arp_handler)(const struct arp_entry *entry, void *arg);
__BEGIN_DECLS
arp_t *arp_open(void);
int arp_add(arp_t *arp, const struct arp_entry *entry);
int arp_delete(arp_t *arp, const struct arp_entry *entry);
int arp_get(arp_t *arp, struct arp_entry *entry);
int arp_loop(arp_t *arp, arp_handler callback, void *arg);
arp_t *arp_close(arp_t *arp);
__END_DECLS
#endif /* DNET_ARP_H */

56
external/source/meterpreter/source/extensions/sniffer/dnet/blob.h vendored Normal file
View File

@ -0,0 +1,56 @@
/*
* blob.h
*
* Binary blob handling.
*
* Copyright (c) 2002 Dug Song <dugsong@monkey.org>
*
* $Id: blob.h,v 1.2 2002/04/05 03:06:44 dugsong Exp $
*/
#ifndef DNET_BLOB_H
#define DNET_BLOB_H
typedef struct blob {
u_char *base; /* start of data */
int off; /* offset into data */
int end; /* end of data */
int size; /* size of allocation */
} blob_t;
__BEGIN_DECLS
blob_t *blob_new(void);
int blob_read(blob_t *b, void *buf, int len);
int blob_write(blob_t *b, const void *buf, int len);
int blob_seek(blob_t *b, int off, int whence);
#define blob_skip(b, l) blob_seek(b, l, SEEK_CUR)
#define blob_rewind(b) blob_seek(b, 0, SEEK_SET)
#define blob_offset(b) ((b)->off)
#define blob_left(b) ((b)->end - (b)->off)
int blob_index(blob_t *b, const void *buf, int len);
int blob_rindex(blob_t *b, const void *buf, int len);
int blob_pack(blob_t *b, const char *fmt, ...);
int blob_unpack(blob_t *b, const char *fmt, ...);
int blob_insert(blob_t *b, const void *buf, int len);
int blob_delete(blob_t *b, void *buf, int len);
int blob_print(blob_t *b, char *style, int len);
blob_t *blob_free(blob_t *b);
int blob_register_alloc(size_t size, void *(*bmalloc)(size_t),
void (*bfree)(void *), void *(*brealloc)(void *, size_t));
#ifdef va_start
typedef int (*blob_fmt_cb)(int pack, int len, blob_t *b, va_list *arg);
int blob_register_pack(char c, blob_fmt_cb fmt_cb);
#endif
__END_DECLS
#endif /* DNET_BLOB_H */

77
external/source/meterpreter/source/extensions/sniffer/dnet/eth.h vendored Normal file
View File

@ -0,0 +1,77 @@
/*
* eth.h
*
* Ethernet.
*
* Copyright (c) 2000 Dug Song <dugsong@monkey.org>
*
* $Id: eth.h,v 1.16 2005/01/25 21:29:12 dugsong Exp $
*/
#ifndef DNET_ETH_H
#define DNET_ETH_H
#define ETH_ADDR_LEN 6
#define ETH_ADDR_BITS 48
#define ETH_TYPE_LEN 2
#define ETH_CRC_LEN 4
#define ETH_HDR_LEN 14
#define ETH_LEN_MIN 64 /* minimum frame length with CRC */
#define ETH_LEN_MAX 1518 /* maximum frame length with CRC */
#define ETH_MTU (ETH_LEN_MAX - ETH_HDR_LEN - ETH_CRC_LEN)
#define ETH_MIN (ETH_LEN_MIN - ETH_HDR_LEN - ETH_CRC_LEN)
typedef struct eth_addr {
uint8_t data[ETH_ADDR_LEN];
} eth_addr_t;
struct eth_hdr {
eth_addr_t eth_dst; /* destination address */
eth_addr_t eth_src; /* source address */
uint16_t eth_type; /* payload type */
};
/*
* Ethernet payload types - http://standards.ieee.org/regauth/ethertype
*/
#define ETH_TYPE_PUP 0x0200 /* PUP protocol */
#define ETH_TYPE_IP 0x0800 /* IP protocol */
#define ETH_TYPE_ARP 0x0806 /* address resolution protocol */
#define ETH_TYPE_REVARP 0x8035 /* reverse addr resolution protocol */
#define ETH_TYPE_8021Q 0x8100 /* IEEE 802.1Q VLAN tagging */
#define ETH_TYPE_IPV6 0x86DD /* IPv6 protocol */
#define ETH_TYPE_MPLS 0x8847 /* MPLS */
#define ETH_TYPE_MPLS_MCAST 0x8848 /* MPLS Multicast */
#define ETH_TYPE_PPPOEDISC 0x8863 /* PPP Over Ethernet Discovery Stage */
#define ETH_TYPE_PPPOE 0x8864 /* PPP Over Ethernet Session Stage */
#define ETH_TYPE_LOOPBACK 0x9000 /* used to test interfaces */
#define ETH_IS_MULTICAST(ea) (*(ea) & 0x01) /* is address mcast/bcast? */
#define ETH_ADDR_BROADCAST "\xff\xff\xff\xff\xff\xff"
#define eth_pack_hdr(h, dst, src, type) do { \
struct eth_hdr *eth_pack_p = (struct eth_hdr *)(h); \
memmove(&eth_pack_p->eth_dst, &(dst), ETH_ADDR_LEN); \
memmove(&eth_pack_p->eth_src, &(src), ETH_ADDR_LEN); \
eth_pack_p->eth_type = htons(type); \
} while (0)
typedef struct eth_handle eth_t;
__BEGIN_DECLS
eth_t *eth_open(const char *device);
int eth_get(eth_t *e, eth_addr_t *ea);
int eth_set(eth_t *e, const eth_addr_t *ea);
ssize_t eth_send(eth_t *e, const void *buf, size_t len);
eth_t *eth_close(eth_t *e);
char *eth_ntop(const eth_addr_t *eth, char *dst, size_t len);
int eth_pton(const char *src, eth_addr_t *dst);
char *eth_ntoa(const eth_addr_t *eth);
#define eth_aton eth_pton
__END_DECLS
#endif /* DNET_ETH_H */

54
external/source/meterpreter/source/extensions/sniffer/dnet/fw.h vendored Normal file
View File

@ -0,0 +1,54 @@
/*
* fw.h
*
* Network firewalling operations.
*
* Copyright (c) 2001 Dug Song <dugsong@monkey.org>
*
* $Id: fw.h,v 1.13 2002/12/14 04:02:36 dugsong Exp $
*/
#ifndef DNET_FW_H
#define DNET_FW_H
struct fw_rule {
char fw_device[INTF_NAME_LEN]; /* interface name */
uint8_t fw_op; /* operation */
uint8_t fw_dir; /* direction */
uint8_t fw_proto; /* IP protocol */
struct addr fw_src; /* src address / net */
struct addr fw_dst; /* dst address / net */
uint16_t fw_sport[2]; /* range / ICMP type */
uint16_t fw_dport[2]; /* range / ICMP code */
};
#define FW_OP_ALLOW 1
#define FW_OP_BLOCK 2
#define FW_DIR_IN 1
#define FW_DIR_OUT 2
#define fw_pack_rule(rule, dev, op, dir, p, s, d, sp1, sp2, dp1, dp2) \
do { \
strlcpy((rule)->fw_device, dev, sizeof((rule)->fw_device)); \
(rule)->fw_op = op; (rule)->fw_dir = dir; \
(rule)->fw_proto = p; \
memmove(&(rule)->fw_src, &(s), sizeof((rule)->fw_src)); \
memmove(&(rule)->fw_dst, &(d), sizeof((rule)->fw_dst)); \
(rule)->fw_sport[0] = sp1; (rule)->fw_sport[1] = sp2; \
(rule)->fw_dport[0] = dp1; (rule)->fw_dport[1] = dp2; \
} while (0)
typedef struct fw_handle fw_t;
typedef int (*fw_handler)(const struct fw_rule *rule, void *arg);
__BEGIN_DECLS
fw_t *fw_open(void);
int fw_add(fw_t *f, const struct fw_rule *rule);
int fw_delete(fw_t *f, const struct fw_rule *rule);
int fw_loop(fw_t *f, fw_handler callback, void *arg);
fw_t *fw_close(fw_t *f);
__END_DECLS
#endif /* DNET_FW_H */

265
external/source/meterpreter/source/extensions/sniffer/dnet/icmp.h vendored Normal file
View File

@ -0,0 +1,265 @@
/*
* icmp.h
*
* Internet Control Message Protocol.
* RFC 792, 950, 1256, 1393, 1475, 2002, 2521
*
* Copyright (c) 2000 Dug Song <dugsong@monkey.org>
*
* $Id: icmp.h,v 1.14 2003/03/16 17:39:17 dugsong Exp $
*/
#ifndef DNET_ICMP_H
#define DNET_ICMP_H
#define ICMP_HDR_LEN 4 /* base ICMP header length */
#define ICMP_LEN_MIN 8 /* minimum ICMP message size, with header */
#ifndef __GNUC__
# define __attribute__(x)
# pragma pack(1)
#endif
/*
* ICMP header
*/
struct icmp_hdr {
uint8_t icmp_type; /* type of message, see below */
uint8_t icmp_code; /* type sub code */
uint16_t icmp_cksum; /* ones complement cksum of struct */
};
/*
* Types (icmp_type) and codes (icmp_code) -
* http://www.iana.org/assignments/icmp-parameters
*/
#define ICMP_CODE_NONE 0 /* for types without codes */
#define ICMP_ECHOREPLY 0 /* echo reply */
#define ICMP_UNREACH 3 /* dest unreachable, codes: */
#define ICMP_UNREACH_NET 0 /* bad net */
#define ICMP_UNREACH_HOST 1 /* bad host */
#define ICMP_UNREACH_PROTO 2 /* bad protocol */
#define ICMP_UNREACH_PORT 3 /* bad port */
#define ICMP_UNREACH_NEEDFRAG 4 /* IP_DF caused drop */
#define ICMP_UNREACH_SRCFAIL 5 /* src route failed */
#define ICMP_UNREACH_NET_UNKNOWN 6 /* unknown net */
#define ICMP_UNREACH_HOST_UNKNOWN 7 /* unknown host */
#define ICMP_UNREACH_ISOLATED 8 /* src host isolated */
#define ICMP_UNREACH_NET_PROHIB 9 /* for crypto devs */
#define ICMP_UNREACH_HOST_PROHIB 10 /* ditto */
#define ICMP_UNREACH_TOSNET 11 /* bad tos for net */
#define ICMP_UNREACH_TOSHOST 12 /* bad tos for host */
#define ICMP_UNREACH_FILTER_PROHIB 13 /* prohibited access */
#define ICMP_UNREACH_HOST_PRECEDENCE 14 /* precedence error */
#define ICMP_UNREACH_PRECEDENCE_CUTOFF 15 /* precedence cutoff */
#define ICMP_SRCQUENCH 4 /* packet lost, slow down */
#define ICMP_REDIRECT 5 /* shorter route, codes: */
#define ICMP_REDIRECT_NET 0 /* for network */
#define ICMP_REDIRECT_HOST 1 /* for host */
#define ICMP_REDIRECT_TOSNET 2 /* for tos and net */
#define ICMP_REDIRECT_TOSHOST 3 /* for tos and host */
#define ICMP_ALTHOSTADDR 6 /* alternate host address */
#define ICMP_ECHO 8 /* echo service */
#define ICMP_RTRADVERT 9 /* router advertise, codes: */
#define ICMP_RTRADVERT_NORMAL 0 /* normal */
#define ICMP_RTRADVERT_NOROUTE_COMMON 16 /* selective routing */
#define ICMP_RTRSOLICIT 10 /* router solicitation */
#define ICMP_TIMEXCEED 11 /* time exceeded, code: */
#define ICMP_TIMEXCEED_INTRANS 0 /* ttl==0 in transit */
#define ICMP_TIMEXCEED_REASS 1 /* ttl==0 in reass */
#define ICMP_PARAMPROB 12 /* ip header bad */
#define ICMP_PARAMPROB_ERRATPTR 0 /* req. opt. absent */
#define ICMP_PARAMPROB_OPTABSENT 1 /* req. opt. absent */
#define ICMP_PARAMPROB_LENGTH 2 /* bad length */
#define ICMP_TSTAMP 13 /* timestamp request */
#define ICMP_TSTAMPREPLY 14 /* timestamp reply */
#define ICMP_INFO 15 /* information request */
#define ICMP_INFOREPLY 16 /* information reply */
#define ICMP_MASK 17 /* address mask request */
#define ICMP_MASKREPLY 18 /* address mask reply */
#define ICMP_TRACEROUTE 30 /* traceroute */
#define ICMP_DATACONVERR 31 /* data conversion error */
#define ICMP_MOBILE_REDIRECT 32 /* mobile host redirect */
#define ICMP_IPV6_WHEREAREYOU 33 /* IPv6 where-are-you */
#define ICMP_IPV6_IAMHERE 34 /* IPv6 i-am-here */
#define ICMP_MOBILE_REG 35 /* mobile registration req */
#define ICMP_MOBILE_REGREPLY 36 /* mobile registration reply */
#define ICMP_DNS 37 /* domain name request */
#define ICMP_DNSREPLY 38 /* domain name reply */
#define ICMP_SKIP 39 /* SKIP */
#define ICMP_PHOTURIS 40 /* Photuris */
#define ICMP_PHOTURIS_UNKNOWN_INDEX 0 /* unknown sec index */
#define ICMP_PHOTURIS_AUTH_FAILED 1 /* auth failed */
#define ICMP_PHOTURIS_DECOMPRESS_FAILED 2 /* decompress failed */
#define ICMP_PHOTURIS_DECRYPT_FAILED 3 /* decrypt failed */
#define ICMP_PHOTURIS_NEED_AUTHN 4 /* no authentication */
#define ICMP_PHOTURIS_NEED_AUTHZ 5 /* no authorization */
#define ICMP_TYPE_MAX 40
#define ICMP_INFOTYPE(type) \
((type) == ICMP_ECHOREPLY || (type) == ICMP_ECHO || \
(type) == ICMP_RTRADVERT || (type) == ICMP_RTRSOLICIT || \
(type) == ICMP_TSTAMP || (type) == ICMP_TSTAMPREPLY || \
(type) == ICMP_INFO || (type) == ICMP_INFOREPLY || \
(type) == ICMP_MASK || (type) == ICMP_MASKREPLY)
/*
* Echo message data
*/
struct icmp_msg_echo {
uint16_t icmp_id;
uint16_t icmp_seq;
uint8_t icmp_data __flexarr; /* optional data */
};
/*
* Fragmentation-needed (unreachable) message data
*/
struct icmp_msg_needfrag {
uint16_t icmp_void; /* must be zero */
uint16_t icmp_mtu; /* MTU of next-hop network */
uint8_t icmp_ip __flexarr; /* IP hdr + 8 bytes of pkt */
};
/*
* Unreachable, source quench, redirect, time exceeded,
* parameter problem message data
*/
struct icmp_msg_quote {
uint32_t icmp_void; /* must be zero */
#define icmp_gwaddr icmp_void /* router IP address to use */
#define icmp_pptr icmp_void /* ptr to bad octet field */
uint8_t icmp_ip __flexarr; /* IP hdr + 8 bytes of pkt */
};
/*
* Router advertisement message data, RFC 1256
*/
struct icmp_msg_rtradvert {
uint8_t icmp_num_addrs; /* # of address / pref pairs */
uint8_t icmp_wpa; /* words / address == 2 */
uint16_t icmp_lifetime; /* route lifetime in seconds */
struct icmp_msg_rtr_data {
uint32_t icmp_void;
#define icmp_gwaddr icmp_void /* router IP address */
uint32_t icmp_pref; /* router preference (usu 0) */
} icmp_rtr __flexarr; /* variable # of routers */
};
#define ICMP_RTR_PREF_NODEFAULT 0x80000000 /* do not use as default gw */
/*
* Timestamp message data
*/
struct icmp_msg_tstamp {
uint32_t icmp_id; /* identifier */
uint32_t icmp_seq; /* sequence number */
uint32_t icmp_ts_orig; /* originate timestamp */
uint32_t icmp_ts_rx; /* receive timestamp */
uint32_t icmp_ts_tx; /* transmit timestamp */
};
/*
* Address mask message data, RFC 950
*/
struct icmp_msg_mask {
uint32_t icmp_id; /* identifier */
uint32_t icmp_seq; /* sequence number */
uint32_t icmp_mask; /* address mask */
};
/*
* Traceroute message data, RFC 1393, RFC 1812
*/
struct icmp_msg_traceroute {
uint16_t icmp_id; /* identifier */
uint16_t icmp_void; /* unused */
uint16_t icmp_ohc; /* outbound hop count */
uint16_t icmp_rhc; /* return hop count */
uint32_t icmp_speed; /* link speed, bytes/sec */
uint32_t icmp_mtu; /* MTU in bytes */
};
/*
* Domain name reply message data, RFC 1788
*/
struct icmp_msg_dnsreply {
uint16_t icmp_id; /* identifier */
uint16_t icmp_seq; /* sequence number */
uint32_t icmp_ttl; /* time-to-live */
uint8_t icmp_names __flexarr; /* variable number of names */
};
/*
* Generic identifier, sequence number data
*/
struct icmp_msg_idseq {
uint16_t icmp_id;
uint16_t icmp_seq;
};
/*
* ICMP message union
*/
union icmp_msg {
struct icmp_msg_echo echo; /* ICMP_ECHO{REPLY} */
struct icmp_msg_quote unreach; /* ICMP_UNREACH */
struct icmp_msg_needfrag needfrag; /* ICMP_UNREACH_NEEDFRAG */
struct icmp_msg_quote srcquench; /* ICMP_SRCQUENCH */
struct icmp_msg_quote redirect; /* ICMP_REDIRECT (set to 0) */
uint32_t rtrsolicit; /* ICMP_RTRSOLICIT */
struct icmp_msg_rtradvert rtradvert; /* ICMP_RTRADVERT */
struct icmp_msg_quote timexceed; /* ICMP_TIMEXCEED */
struct icmp_msg_quote paramprob; /* ICMP_PARAMPROB */
struct icmp_msg_tstamp tstamp; /* ICMP_TSTAMP{REPLY} */
struct icmp_msg_idseq info; /* ICMP_INFO{REPLY} */
struct icmp_msg_mask mask; /* ICMP_MASK{REPLY} */
struct icmp_msg_traceroute traceroute; /* ICMP_TRACEROUTE */
struct icmp_msg_idseq dns; /* ICMP_DNS */
struct icmp_msg_dnsreply dnsreply; /* ICMP_DNSREPLY */
};
#ifndef __GNUC__
# pragma pack()
#endif
#define icmp_pack_hdr(hdr, type, code) do { \
struct icmp_hdr *icmp_pack_p = (struct icmp_hdr *)(hdr); \
icmp_pack_p->icmp_type = type; icmp_pack_p->icmp_code = code; \
} while (0)
#define icmp_pack_hdr_echo(hdr, type, code, id, seq, data, len) do { \
struct icmp_msg_echo *echo_pack_p = (struct icmp_msg_echo *) \
((uint8_t *)(hdr) + ICMP_HDR_LEN); \
icmp_pack_hdr(hdr, type, code); \
echo_pack_p->icmp_id = htons(id); \
echo_pack_p->icmp_seq = htons(seq); \
memmove(echo_pack_p->icmp_data, data, len); \
} while (0)
#define icmp_pack_hdr_quote(hdr, type, code, word, pkt, len) do { \
struct icmp_msg_quote *quote_pack_p = (struct icmp_msg_quote *) \
((uint8_t *)(hdr) + ICMP_HDR_LEN); \
icmp_pack_hdr(hdr, type, code); \
quote_pack_p->icmp_void = htonl(word); \
memmove(quote_pack_p->icmp_ip, pkt, len); \
} while (0)
#define icmp_pack_hdr_mask(hdr, type, code, id, seq, mask) do { \
struct icmp_msg_mask *mask_pack_p = (struct icmp_msg_mask *) \
((uint8_t *)(hdr) + ICMP_HDR_LEN); \
icmp_pack_hdr(hdr, type, code); \
mask_pack_p->icmp_id = htons(id); \
mask_pack_p->icmp_seq = htons(seq); \
mask_pack_p->icmp_mask = htonl(mask); \
} while (0)
#define icmp_pack_hdr_needfrag(hdr, type, code, mtu, pkt, len) do { \
struct icmp_msg_needfrag *frag_pack_p = \
(struct icmp_msg_needfrag *)((uint8_t *)(hdr) + ICMP_HDR_LEN); \
icmp_pack_hdr(hdr, type, code); \
frag_pack_p->icmp_void = 0; \
frag_pack_p->icmp_mtu = htons(mtu); \
memmove(frag_pack_p->icmp_ip, pkt, len); \
} while (0)
#endif /* DNET_ICMP_H */

68
external/source/meterpreter/source/extensions/sniffer/dnet/intf.h vendored Normal file
View File

@ -0,0 +1,68 @@
/*
* intf.c
*
* Network interface operations.
*
* Copyright (c) 2000 Dug Song <dugsong@monkey.org>
*
* $Id: intf.h,v 1.16 2004/01/13 07:41:09 dugsong Exp $
*/
#ifndef DNET_INTF_H
#define DNET_INTF_H
/*
* Interface entry
*/
#define INTF_NAME_LEN 16
struct intf_entry {
u_int intf_len; /* length of entry */
char intf_name[INTF_NAME_LEN]; /* interface name */
u_short intf_type; /* interface type (r/o) */
u_short intf_flags; /* interface flags */
u_int intf_mtu; /* interface MTU */
struct addr intf_addr; /* interface address */
struct addr intf_dst_addr; /* point-to-point dst */
struct addr intf_link_addr; /* link-layer address */
u_int intf_alias_num; /* number of aliases */
struct addr intf_alias_addrs __flexarr; /* array of aliases */
};
/*
* MIB-II interface types - http://www.iana.org/assignments/ianaiftype-mib
*/
#define INTF_TYPE_OTHER 1 /* other */
#define INTF_TYPE_ETH 6 /* Ethernet */
#define INTF_TYPE_TOKENRING 9 /* Token Ring */
#define INTF_TYPE_FDDI 15 /* FDDI */
#define INTF_TYPE_PPP 23 /* Point-to-Point Protocol */
#define INTF_TYPE_LOOPBACK 24 /* software loopback */
#define INTF_TYPE_SLIP 28 /* Serial Line Interface Protocol */
#define INTF_TYPE_TUN 53 /* proprietary virtual/internal */
/*
* Interface flags
*/
#define INTF_FLAG_UP 0x01 /* enable interface */
#define INTF_FLAG_LOOPBACK 0x02 /* is a loopback net (r/o) */
#define INTF_FLAG_POINTOPOINT 0x04 /* point-to-point link (r/o) */
#define INTF_FLAG_NOARP 0x08 /* disable ARP */
#define INTF_FLAG_BROADCAST 0x10 /* supports broadcast (r/o) */
#define INTF_FLAG_MULTICAST 0x20 /* supports multicast (r/o) */
typedef struct intf_handle intf_t;
typedef int (*intf_handler)(const struct intf_entry *entry, void *arg);
__BEGIN_DECLS
intf_t *intf_open(void);
int intf_get(intf_t *i, struct intf_entry *entry);
int intf_get_src(intf_t *i, struct intf_entry *entry, struct addr *src);
int intf_get_dst(intf_t *i, struct intf_entry *entry, struct addr *dst);
int intf_set(intf_t *i, const struct intf_entry *entry);
int intf_loop(intf_t *i, intf_handler callback, void *arg);
intf_t *intf_close(intf_t *i);
__END_DECLS
#endif /* DNET_INTF_H */

432
external/source/meterpreter/source/extensions/sniffer/dnet/ip.h vendored Normal file
View File

@ -0,0 +1,432 @@
/*
* ip.h
*
* Internet Protocol (RFC 791).
*
* Copyright (c) 2000 Dug Song <dugsong@monkey.org>
*
* $Id: ip.h,v 1.25 2005/02/16 22:02:45 dugsong Exp $
*/
#ifndef DNET_IP_H
#define DNET_IP_H
#define IP_ADDR_LEN 4 /* IP address length */
#define IP_ADDR_BITS 32 /* IP address bits */
#define IP_HDR_LEN 20 /* base IP header length */
#define IP_OPT_LEN 2 /* base IP option length */
#define IP_OPT_LEN_MAX 40
#define IP_HDR_LEN_MAX (IP_HDR_LEN + IP_OPT_LEN_MAX)
#define IP_LEN_MAX 65535
#define IP_LEN_MIN IP_HDR_LEN
typedef uint32_t ip_addr_t;
#ifndef __GNUC__
# define __attribute__(x)
# pragma pack(1)
#endif
/*
* IP header, without options
*/
struct ip_hdr {
#if DNET_BYTESEX == DNET_BIG_ENDIAN
uint8_t ip_v:4, /* version */
ip_hl:4; /* header length (incl any options) */
#elif DNET_BYTESEX == DNET_LIL_ENDIAN
uint8_t ip_hl:4,
ip_v:4;
#else
# error "need to include <dnet.h>"
#endif
uint8_t ip_tos; /* type of service */
uint16_t ip_len; /* total length (incl header) */
uint16_t ip_id; /* identification */
uint16_t ip_off; /* fragment offset and flags */
uint8_t ip_ttl; /* time to live */
uint8_t ip_p; /* protocol */
uint16_t ip_sum; /* checksum */
ip_addr_t ip_src; /* source address */
ip_addr_t ip_dst; /* destination address */
};
/*
* Type of service (ip_tos), RFC 1349 ("obsoleted by RFC 2474")
*/
#define IP_TOS_DEFAULT 0x00 /* default */
#define IP_TOS_LOWDELAY 0x10 /* low delay */
#define IP_TOS_THROUGHPUT 0x08 /* high throughput */
#define IP_TOS_RELIABILITY 0x04 /* high reliability */
#define IP_TOS_LOWCOST 0x02 /* low monetary cost - XXX */
#define IP_TOS_ECT 0x02 /* ECN-capable transport */
#define IP_TOS_CE 0x01 /* congestion experienced */
/*
* IP precedence (high 3 bits of ip_tos), hopefully unused
*/
#define IP_TOS_PREC_ROUTINE 0x00
#define IP_TOS_PREC_PRIORITY 0x20
#define IP_TOS_PREC_IMMEDIATE 0x40
#define IP_TOS_PREC_FLASH 0x60
#define IP_TOS_PREC_FLASHOVERRIDE 0x80
#define IP_TOS_PREC_CRITIC_ECP 0xa0
#define IP_TOS_PREC_INTERNETCONTROL 0xc0
#define IP_TOS_PREC_NETCONTROL 0xe0
/*
* Fragmentation flags (ip_off)
*/
#define IP_RF 0x8000 /* reserved */
#define IP_DF 0x4000 /* don't fragment */
#define IP_MF 0x2000 /* more fragments (not last frag) */
#define IP_OFFMASK 0x1fff /* mask for fragment offset */
/*
* Time-to-live (ip_ttl), seconds
*/
#define IP_TTL_DEFAULT 64 /* default ttl, RFC 1122, RFC 1340 */
#define IP_TTL_MAX 255 /* maximum ttl */
/*
* Protocol (ip_p) - http://www.iana.org/assignments/protocol-numbers
*/
#define IP_PROTO_IP 0 /* dummy for IP */
#define IP_PROTO_HOPOPTS IP_PROTO_IP /* IPv6 hop-by-hop options */
#define IP_PROTO_ICMP 1 /* ICMP */
#define IP_PROTO_IGMP 2 /* IGMP */
#define IP_PROTO_GGP 3 /* gateway-gateway protocol */
#define IP_PROTO_IPIP 4 /* IP in IP */
#define IP_PROTO_ST 5 /* ST datagram mode */
#define IP_PROTO_TCP 6 /* TCP */
#define IP_PROTO_CBT 7 /* CBT */
#define IP_PROTO_EGP 8 /* exterior gateway protocol */
#define IP_PROTO_IGP 9 /* interior gateway protocol */
#define IP_PROTO_BBNRCC 10 /* BBN RCC monitoring */
#define IP_PROTO_NVP 11 /* Network Voice Protocol */
#define IP_PROTO_PUP 12 /* PARC universal packet */
#define IP_PROTO_ARGUS 13 /* ARGUS */
#define IP_PROTO_EMCON 14 /* EMCON */
#define IP_PROTO_XNET 15 /* Cross Net Debugger */
#define IP_PROTO_CHAOS 16 /* Chaos */
#define IP_PROTO_UDP 17 /* UDP */
#define IP_PROTO_MUX 18 /* multiplexing */
#define IP_PROTO_DCNMEAS 19 /* DCN measurement */
#define IP_PROTO_HMP 20 /* Host Monitoring Protocol */
#define IP_PROTO_PRM 21 /* Packet Radio Measurement */
#define IP_PROTO_IDP 22 /* Xerox NS IDP */
#define IP_PROTO_TRUNK1 23 /* Trunk-1 */
#define IP_PROTO_TRUNK2 24 /* Trunk-2 */
#define IP_PROTO_LEAF1 25 /* Leaf-1 */
#define IP_PROTO_LEAF2 26 /* Leaf-2 */
#define IP_PROTO_RDP 27 /* "Reliable Datagram" proto */
#define IP_PROTO_IRTP 28 /* Inet Reliable Transaction */
#define IP_PROTO_TP 29 /* ISO TP class 4 */
#define IP_PROTO_NETBLT 30 /* Bulk Data Transfer */
#define IP_PROTO_MFPNSP 31 /* MFE Network Services */
#define IP_PROTO_MERITINP 32 /* Merit Internodal Protocol */
#define IP_PROTO_SEP 33 /* Sequential Exchange proto */
#define IP_PROTO_3PC 34 /* Third Party Connect proto */
#define IP_PROTO_IDPR 35 /* Interdomain Policy Route */
#define IP_PROTO_XTP 36 /* Xpress Transfer Protocol */
#define IP_PROTO_DDP 37 /* Datagram Delivery Proto */
#define IP_PROTO_CMTP 38 /* IDPR Ctrl Message Trans */
#define IP_PROTO_TPPP 39 /* TP++ Transport Protocol */
#define IP_PROTO_IL 40 /* IL Transport Protocol */
#define IP_PROTO_IPV6 41 /* IPv6 */
#define IP_PROTO_SDRP 42 /* Source Demand Routing */
#define IP_PROTO_ROUTING 43 /* IPv6 routing header */
#define IP_PROTO_FRAGMENT 44 /* IPv6 fragmentation header */
#define IP_PROTO_RSVP 46 /* Reservation protocol */
#define IP_PROTO_GRE 47 /* General Routing Encap */
#define IP_PROTO_MHRP 48 /* Mobile Host Routing */
#define IP_PROTO_ENA 49 /* ENA */
#define IP_PROTO_ESP 50 /* Encap Security Payload */
#define IP_PROTO_AH 51 /* Authentication Header */
#define IP_PROTO_INLSP 52 /* Integated Net Layer Sec */
#define IP_PROTO_SWIPE 53 /* SWIPE */
#define IP_PROTO_NARP 54 /* NBMA Address Resolution */
#define IP_PROTO_MOBILE 55 /* Mobile IP, RFC 2004 */
#define IP_PROTO_TLSP 56 /* Transport Layer Security */
#define IP_PROTO_SKIP 57 /* SKIP */
#define IP_PROTO_ICMPV6 58 /* ICMP for IPv6 */
#define IP_PROTO_NONE 59 /* IPv6 no next header */
#define IP_PROTO_DSTOPTS 60 /* IPv6 destination options */
#define IP_PROTO_ANYHOST 61 /* any host internal proto */
#define IP_PROTO_CFTP 62 /* CFTP */
#define IP_PROTO_ANYNET 63 /* any local network */
#define IP_PROTO_EXPAK 64 /* SATNET and Backroom EXPAK */
#define IP_PROTO_KRYPTOLAN 65 /* Kryptolan */
#define IP_PROTO_RVD 66 /* MIT Remote Virtual Disk */
#define IP_PROTO_IPPC 67 /* Inet Pluribus Packet Core */
#define IP_PROTO_DISTFS 68 /* any distributed fs */
#define IP_PROTO_SATMON 69 /* SATNET Monitoring */
#define IP_PROTO_VISA 70 /* VISA Protocol */
#define IP_PROTO_IPCV 71 /* Inet Packet Core Utility */
#define IP_PROTO_CPNX 72 /* Comp Proto Net Executive */
#define IP_PROTO_CPHB 73 /* Comp Protocol Heart Beat */
#define IP_PROTO_WSN 74 /* Wang Span Network */
#define IP_PROTO_PVP 75 /* Packet Video Protocol */
#define IP_PROTO_BRSATMON 76 /* Backroom SATNET Monitor */
#define IP_PROTO_SUNND 77 /* SUN ND Protocol */
#define IP_PROTO_WBMON 78 /* WIDEBAND Monitoring */
#define IP_PROTO_WBEXPAK 79 /* WIDEBAND EXPAK */
#define IP_PROTO_EON 80 /* ISO CNLP */
#define IP_PROTO_VMTP 81 /* Versatile Msg Transport*/
#define IP_PROTO_SVMTP 82 /* Secure VMTP */
#define IP_PROTO_VINES 83 /* VINES */
#define IP_PROTO_TTP 84 /* TTP */
#define IP_PROTO_NSFIGP 85 /* NSFNET-IGP */
#define IP_PROTO_DGP 86 /* Dissimilar Gateway Proto */
#define IP_PROTO_TCF 87 /* TCF */
#define IP_PROTO_EIGRP 88 /* EIGRP */
#define IP_PROTO_OSPF 89 /* Open Shortest Path First */
#define IP_PROTO_SPRITERPC 90 /* Sprite RPC Protocol */
#define IP_PROTO_LARP 91 /* Locus Address Resolution */
#define IP_PROTO_MTP 92 /* Multicast Transport Proto */
#define IP_PROTO_AX25 93 /* AX.25 Frames */
#define IP_PROTO_IPIPENCAP 94 /* yet-another IP encap */
#define IP_PROTO_MICP 95 /* Mobile Internet Ctrl */
#define IP_PROTO_SCCSP 96 /* Semaphore Comm Sec Proto */
#define IP_PROTO_ETHERIP 97 /* Ethernet in IPv4 */
#define IP_PROTO_ENCAP 98 /* encapsulation header */
#define IP_PROTO_ANYENC 99 /* private encryption scheme */
#define IP_PROTO_GMTP 100 /* GMTP */
#define IP_PROTO_IFMP 101 /* Ipsilon Flow Mgmt Proto */
#define IP_PROTO_PNNI 102 /* PNNI over IP */
#define IP_PROTO_PIM 103 /* Protocol Indep Multicast */
#define IP_PROTO_ARIS 104 /* ARIS */
#define IP_PROTO_SCPS 105 /* SCPS */
#define IP_PROTO_QNX 106 /* QNX */
#define IP_PROTO_AN 107 /* Active Networks */
#define IP_PROTO_IPCOMP 108 /* IP Payload Compression */
#define IP_PROTO_SNP 109 /* Sitara Networks Protocol */
#define IP_PROTO_COMPAQPEER 110 /* Compaq Peer Protocol */
#define IP_PROTO_IPXIP 111 /* IPX in IP */
#define IP_PROTO_VRRP 112 /* Virtual Router Redundancy */
#define IP_PROTO_PGM 113 /* PGM Reliable Transport */
#define IP_PROTO_ANY0HOP 114 /* 0-hop protocol */
#define IP_PROTO_L2TP 115 /* Layer 2 Tunneling Proto */
#define IP_PROTO_DDX 116 /* D-II Data Exchange (DDX) */
#define IP_PROTO_IATP 117 /* Interactive Agent Xfer */
#define IP_PROTO_STP 118 /* Schedule Transfer Proto */
#define IP_PROTO_SRP 119 /* SpectraLink Radio Proto */
#define IP_PROTO_UTI 120 /* UTI */
#define IP_PROTO_SMP 121 /* Simple Message Protocol */
#define IP_PROTO_SM 122 /* SM */
#define IP_PROTO_PTP 123 /* Performance Transparency */
#define IP_PROTO_ISIS 124 /* ISIS over IPv4 */
#define IP_PROTO_FIRE 125 /* FIRE */
#define IP_PROTO_CRTP 126 /* Combat Radio Transport */
#define IP_PROTO_CRUDP 127 /* Combat Radio UDP */
#define IP_PROTO_SSCOPMCE 128 /* SSCOPMCE */
#define IP_PROTO_IPLT 129 /* IPLT */
#define IP_PROTO_SPS 130 /* Secure Packet Shield */
#define IP_PROTO_PIPE 131 /* Private IP Encap in IP */
#define IP_PROTO_SCTP 132 /* Stream Ctrl Transmission */
#define IP_PROTO_FC 133 /* Fibre Channel */
#define IP_PROTO_RSVPIGN 134 /* RSVP-E2E-IGNORE */
#define IP_PROTO_RAW 255 /* Raw IP packets */
#define IP_PROTO_RESERVED IP_PROTO_RAW /* Reserved */
#define IP_PROTO_MAX 255
/*
* Option types (opt_type) - http://www.iana.org/assignments/ip-parameters
*/
#define IP_OPT_CONTROL 0x00 /* control */
#define IP_OPT_DEBMEAS 0x40 /* debugging & measurement */
#define IP_OPT_COPY 0x80 /* copy into all fragments */
#define IP_OPT_RESERVED1 0x20
#define IP_OPT_RESERVED2 0x60
#define IP_OPT_EOL 0 /* end of option list */
#define IP_OPT_NOP 1 /* no operation */
#define IP_OPT_SEC (2|IP_OPT_COPY) /* DoD basic security */
#define IP_OPT_LSRR (3|IP_OPT_COPY) /* loose source route */
#define IP_OPT_TS (4|IP_OPT_DEBMEAS) /* timestamp */
#define IP_OPT_ESEC (5|IP_OPT_COPY) /* DoD extended security */
#define IP_OPT_CIPSO (6|IP_OPT_COPY) /* commercial security */
#define IP_OPT_RR 7 /* record route */
#define IP_OPT_SATID (8|IP_OPT_COPY) /* stream ID (obsolete) */
#define IP_OPT_SSRR (9|IP_OPT_COPY) /* strict source route */
#define IP_OPT_ZSU 10 /* experimental measurement */
#define IP_OPT_MTUP 11 /* MTU probe */
#define IP_OPT_MTUR 12 /* MTU reply */
#define IP_OPT_FINN (13|IP_OPT_COPY|IP_OPT_DEBMEAS) /* exp flow control */
#define IP_OPT_VISA (14|IP_OPT_COPY) /* exp access control */
#define IP_OPT_ENCODE 15 /* ??? */
#define IP_OPT_IMITD (16|IP_OPT_COPY) /* IMI traffic descriptor */
#define IP_OPT_EIP (17|IP_OPT_COPY) /* extended IP, RFC 1385 */
#define IP_OPT_TR (18|IP_OPT_DEBMEAS) /* traceroute */
#define IP_OPT_ADDEXT (19|IP_OPT_COPY) /* IPv7 ext addr, RFC 1475 */
#define IP_OPT_RTRALT (20|IP_OPT_COPY) /* router alert, RFC 2113 */
#define IP_OPT_SDB (21|IP_OPT_COPY) /* directed bcast, RFC 1770 */
#define IP_OPT_NSAPA (22|IP_OPT_COPY) /* NSAP addresses */
#define IP_OPT_DPS (23|IP_OPT_COPY) /* dynamic packet state */
#define IP_OPT_UMP (24|IP_OPT_COPY) /* upstream multicast */
#define IP_OPT_MAX 25
#define IP_OPT_COPIED(o) ((o) & 0x80)
#define IP_OPT_CLASS(o) ((o) & 0x60)
#define IP_OPT_NUMBER(o) ((o) & 0x1f)
#define IP_OPT_TYPEONLY(o) ((o) == IP_OPT_EOL || (o) == IP_OPT_NOP)
/*
* Security option data - RFC 791, 3.1
*/
struct ip_opt_data_sec {
uint16_t s; /* security */
uint16_t c; /* compartments */
uint16_t h; /* handling restrictions */
uint8_t tcc[3]; /* transmission control code */
} __attribute__((__packed__));
#define IP_OPT_SEC_UNCLASS 0x0000 /* unclassified */
#define IP_OPT_SEC_CONFID 0xf135 /* confidential */
#define IP_OPT_SEC_EFTO 0x789a /* EFTO */
#define IP_OPT_SEC_MMMM 0xbc4d /* MMMM */
#define IP_OPT_SEC_PROG 0x5e26 /* PROG */
#define IP_OPT_SEC_RESTR 0xaf13 /* restricted */
#define IP_OPT_SEC_SECRET 0xd788 /* secret */
#define IP_OPT_SEC_TOPSECRET 0x6bc5 /* top secret */
/*
* {Loose Source, Record, Strict Source} Route option data - RFC 791, 3.1
*/
struct ip_opt_data_rr {
uint8_t ptr; /* from start of option, >= 4 */
uint32_t iplist __flexarr; /* list of IP addresses */
} __attribute__((__packed__));
/*
* Timestamp option data - RFC 791, 3.1
*/
struct ip_opt_data_ts {
uint8_t ptr; /* from start of option, >= 5 */
#if DNET_BYTESEX == DNET_BIG_ENDIAN
uint8_t oflw:4, /* number of IPs skipped */
flg:4; /* address[ / timestamp] flag */
#elif DNET_BYTESEX == DNET_LIL_ENDIAN
uint8_t flg:4,
oflw:4;
#endif
uint32_t ipts __flexarr; /* IP address [/ timestamp] pairs */
} __attribute__((__packed__));
#define IP_OPT_TS_TSONLY 0 /* timestamps only */
#define IP_OPT_TS_TSADDR 1 /* IP address / timestamp pairs */
#define IP_OPT_TS_PRESPEC 3 /* IP address / zero timestamp pairs */
/*
* Traceroute option data - RFC 1393, 2.2
*/
struct ip_opt_data_tr {
uint16_t id; /* ID number */
uint16_t ohc; /* outbound hop count */
uint16_t rhc; /* return hop count */
uint32_t origip; /* originator IP address */
} __attribute__((__packed__));
/*
* IP option (following IP header)
*/
struct ip_opt {
uint8_t opt_type; /* option type */
uint8_t opt_len; /* option length >= IP_OPT_LEN */
union ip_opt_data {
struct ip_opt_data_sec sec; /* IP_OPT_SEC */
struct ip_opt_data_rr rr; /* IP_OPT_{L,S}RR */
struct ip_opt_data_ts ts; /* IP_OPT_TS */
uint16_t satid; /* IP_OPT_SATID */
uint16_t mtu; /* IP_OPT_MTU{P,R} */
struct ip_opt_data_tr tr; /* IP_OPT_TR */
uint32_t addext[2]; /* IP_OPT_ADDEXT */
uint16_t rtralt; /* IP_OPT_RTRALT */
uint32_t sdb[9]; /* IP_OPT_SDB */
uint8_t data8[IP_OPT_LEN_MAX - IP_OPT_LEN];
} opt_data;
} __attribute__((__packed__));
#ifndef __GNUC__
# pragma pack()
#endif
/*
* Classful addressing
*/
#define IP_CLASSA(i) (((uint32_t)(i) & htonl(0x80000000)) == \
htonl(0x00000000))
#define IP_CLASSA_NET (htonl(0xff000000))
#define IP_CLASSA_NSHIFT 24
#define IP_CLASSA_HOST (htonl(0x00ffffff))
#define IP_CLASSA_MAX 128
#define IP_CLASSB(i) (((uint32_t)(i) & htonl(0xc0000000)) == \
htonl(0x80000000))
#define IP_CLASSB_NET (htonl(0xffff0000))
#define IP_CLASSB_NSHIFT 16
#define IP_CLASSB_HOST (htonl(0x0000ffff))
#define IP_CLASSB_MAX 65536
#define IP_CLASSC(i) (((uint32_t)(i) & htonl(0xe0000000)) == \
htonl(0xc0000000))
#define IP_CLASSC_NET (htonl(0xffffff00))
#define IP_CLASSC_NSHIFT 8
#define IP_CLASSC_HOST (htonl(0x000000ff))
#define IP_CLASSD(i) (((uint32_t)(i) & htonl(0xf0000000)) == \
htonl(0xe0000000))
/* These ones aren't really net and host fields, but routing needn't know. */
#define IP_CLASSD_NET (htonl(0xf0000000))
#define IP_CLASSD_NSHIFT 28
#define IP_CLASSD_HOST (htonl(0x0fffffff))
#define IP_MULTICAST(i) IP_CLASSD(i)
#define IP_EXPERIMENTAL(i) (((uint32_t)(i) & htonl(0xf0000000)) == \
htonl(0xf0000000))
#define IP_BADCLASS(i) (((uint32_t)(i) & htonl(0xf0000000)) == \
htonl(0xf0000000))
#define IP_LOCAL_GROUP(i) (((uint32_t)(i) & htonl(0xffffff00)) == \
htonl(0xe0000000))
/*
* Reserved addresses
*/
#define IP_ADDR_ANY (htonl(0x00000000)) /* 0.0.0.0 */
#define IP_ADDR_BROADCAST (htonl(0xffffffff)) /* 255.255.255.255 */
#define IP_ADDR_LOOPBACK (htonl(0x7f000001)) /* 127.0.0.1 */
#define IP_ADDR_MCAST_ALL (htonl(0xe0000001)) /* 224.0.0.1 */
#define IP_ADDR_MCAST_LOCAL (htonl(0xe00000ff)) /* 224.0.0.255 */
#define ip_pack_hdr(hdr, tos, len, id, off, ttl, p, src, dst) do { \
struct ip_hdr *ip_pack_p = (struct ip_hdr *)(hdr); \
ip_pack_p->ip_v = 4; ip_pack_p->ip_hl = 5; \
ip_pack_p->ip_tos = tos; ip_pack_p->ip_len = htons(len); \
ip_pack_p->ip_id = htons(id); ip_pack_p->ip_off = htons(off); \
ip_pack_p->ip_ttl = ttl; ip_pack_p->ip_p = p; \
ip_pack_p->ip_src = src; ip_pack_p->ip_dst = dst; \
} while (0)
typedef struct ip_handle ip_t;
__BEGIN_DECLS
ip_t *ip_open(void);
ssize_t ip_send(ip_t *i, const void *buf, size_t len);
ip_t *ip_close(ip_t *i);
char *ip_ntop(const ip_addr_t *ip, char *dst, size_t len);
int ip_pton(const char *src, ip_addr_t *dst);
char *ip_ntoa(const ip_addr_t *ip);
#define ip_aton ip_pton
ssize_t ip_add_option(void *buf, size_t len,
int proto, const void *optbuf, size_t optlen);
void ip_checksum(void *buf, size_t len);
int ip_cksum_add(const void *buf, size_t len, int cksum);
#define ip_cksum_carry(x) \
(x = (x >> 16) + (x & 0xffff), (~(x + (x >> 16)) & 0xffff))
__END_DECLS
#endif /* DNET_IP_H */

183
external/source/meterpreter/source/extensions/sniffer/dnet/ip6.h vendored Normal file
View File

@ -0,0 +1,183 @@
/*
* ip6.h
*
* Internet Protocol, Version 6 (RFC 2460).
*
* Copyright (c) 2002 Dug Song <dugsong@monkey.org>
*
* $Id: ip6.h,v 1.6 2004/02/23 10:01:15 dugsong Exp $
*/
#ifndef DNET_IP6_H
#define DNET_IP6_H
#define IP6_ADDR_LEN 16
#define IP6_ADDR_BITS 128
#define IP6_HDR_LEN 40 /* IPv6 header length */
#define IP6_LEN_MIN IP6_HDR_LEN
#define IP6_LEN_MAX 65535 /* non-jumbo payload */
#define IP6_MTU_MIN 1280 /* minimum MTU (1024 + 256) */
typedef struct ip6_addr {
uint8_t data[IP6_ADDR_LEN];
} ip6_addr_t;
#ifndef __GNUC__
# define __attribute__(x)
# pragma pack(1)
#endif
/*
* IPv6 header
*/
struct ip6_hdr {
union {
struct ip6_hdr_ctl {
uint32_t ip6_un1_flow; /* 20 bits of flow ID */
uint16_t ip6_un1_plen; /* payload length */
uint8_t ip6_un1_nxt; /* next header */
uint8_t ip6_un1_hlim; /* hop limit */
} ip6_un1;
uint8_t ip6_un2_vfc; /* 4 bits version, top 4 bits class */
} ip6_ctlun;
ip6_addr_t ip6_src;
ip6_addr_t ip6_dst;
} __attribute__((__packed__));
#define ip6_vfc ip6_ctlun.ip6_un2_vfc
#define ip6_flow ip6_ctlun.ip6_un1.ip6_un1_flow
#define ip6_plen ip6_ctlun.ip6_un1.ip6_un1_plen
#define ip6_nxt ip6_ctlun.ip6_un1.ip6_un1_nxt /* IP_PROTO_* */
#define ip6_hlim ip6_ctlun.ip6_un1.ip6_un1_hlim
#define IP6_VERSION 0x60
#define IP6_VERSION_MASK 0xf0 /* ip6_vfc version */
#if DNET_BYTESEX == DNET_BIG_ENDIAN
#define IP6_FLOWINFO_MASK 0x0fffffff /* ip6_flow info (28 bits) */
#define IP6_FLOWLABEL_MASK 0x000fffff /* ip6_flow label (20 bits) */
#elif DNET_BYTESEX == DNET_LIL_ENDIAN
#define IP6_FLOWINFO_MASK 0xffffff0f /* ip6_flow info (28 bits) */
#define IP6_FLOWLABEL_MASK 0xffff0f00 /* ip6_flow label (20 bits) */
#endif
/*
* Hop limit (ip6_hlim)
*/
#define IP6_HLIM_DEFAULT 64
#define IP6_HLIM_MAX 255
/*
* Preferred extension header order from RFC 2460, 4.1:
*
* IP_PROTO_IPV6, IP_PROTO_HOPOPTS, IP_PROTO_DSTOPTS, IP_PROTO_ROUTING,
* IP_PROTO_FRAGMENT, IP_PROTO_AH, IP_PROTO_ESP, IP_PROTO_DSTOPTS, IP_PROTO_*
*/
/*
* Routing header data (IP_PROTO_ROUTING)
*/
struct ip6_ext_data_routing {
uint8_t type; /* routing type */
uint8_t segleft; /* segments left */
/* followed by routing type specific data */
} __attribute__((__packed__));
struct ip6_ext_data_routing0 {
uint8_t type; /* always zero */
uint8_t segleft; /* segments left */
uint8_t reserved; /* reserved field */
uint8_t slmap[3]; /* strict/loose bit map */
ip6_addr_t addr[1]; /* up to 23 addresses */
} __attribute__((__packed__));
/*
* Fragment header data (IP_PROTO_FRAGMENT)
*/
struct ip6_ext_data_fragment {
uint16_t offlg; /* offset, reserved, and flag */
uint32_t ident; /* identification */
} __attribute__((__packed__));
/*
* Fragmentation offset, reserved, and flags (offlg)
*/
#if DNET_BYTESEX == DNET_BIG_ENDIAN
#define IP6_OFF_MASK 0xfff8 /* mask out offset from offlg */
#define IP6_RESERVED_MASK 0x0006 /* reserved bits in offlg */
#define IP6_MORE_FRAG 0x0001 /* more-fragments flag */
#elif DNET_BYTESEX == DNET_LIL_ENDIAN
#define IP6_OFF_MASK 0xf8ff /* mask out offset from offlg */
#define IP6_RESERVED_MASK 0x0600 /* reserved bits in offlg */
#define IP6_MORE_FRAG 0x0100 /* more-fragments flag */
#endif
/*
* Option types, for IP_PROTO_HOPOPTS, IP_PROTO_DSTOPTS headers
*/
#define IP6_OPT_PAD1 0x00 /* 00 0 00000 */
#define IP6_OPT_PADN 0x01 /* 00 0 00001 */
#define IP6_OPT_JUMBO 0xC2 /* 11 0 00010 = 194 */
#define IP6_OPT_JUMBO_LEN 6
#define IP6_OPT_RTALERT 0x05 /* 00 0 00101 */
#define IP6_OPT_RTALERT_LEN 4
#define IP6_OPT_RTALERT_MLD 0 /* Datagram contains an MLD message */
#define IP6_OPT_RTALERT_RSVP 1 /* Datagram contains an RSVP message */
#define IP6_OPT_RTALERT_ACTNET 2 /* contains an Active Networks msg */
#define IP6_OPT_LEN_MIN 2
#define IP6_OPT_TYPE(o) ((o) & 0xC0) /* high 2 bits of opt_type */
#define IP6_OPT_TYPE_SKIP 0x00 /* continue processing on failure */
#define IP6_OPT_TYPE_DISCARD 0x40 /* discard packet on failure */
#define IP6_OPT_TYPE_FORCEICMP 0x80 /* discard and send ICMP on failure */
#define IP6_OPT_TYPE_ICMP 0xC0 /* ...only if non-multicast dst */
#define IP6_OPT_MUTABLE 0x20 /* option data may change en route */
/*
* Extension header (chained via {ip6,ext}_nxt, following IPv6 header)
*/
struct ip6_ext_hdr {
uint8_t ext_nxt; /* next header */
uint8_t ext_len; /* following length in units of 8 octets */
union {
struct ip6_ext_data_routing routing;
struct ip6_ext_data_fragment fragment;
} ext_data;
} __attribute__((__packed__));
#ifndef __GNUC__
# pragma pack()
#endif
/*
* Reserved addresses
*/
#define IP6_ADDR_UNSPEC \
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
#define IP6_ADDR_LOOPBACK \
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01"
#define ip6_pack_hdr(hdr, fc, fl, plen, nxt, hlim, src, dst) do { \
struct ip6_hdr *ip6 = (struct ip6_hdr *)(hdr); \
ip6->ip6_flow = htonl(((uint32_t)(fc) << 28) & \
(IP6_FLOWLABEL_MASK | (fl))); \
ip6->ip6_vfc = (IP6_VERSION | ((fc) >> 4)); \
ip6->ip6_plen = htons((plen)); \
ip6->ip6_nxt = (nxt); ip6->ip6_hlim = (hlim); \
memmove(&ip6->ip6_src, &(src), IP6_ADDR_LEN); \
memmove(&ip6->ip6_dst, &(dst), IP6_ADDR_LEN); \
} while (0);
__BEGIN_DECLS
char *ip6_ntop(const ip6_addr_t *ip6, char *dst, size_t size);
int ip6_pton(const char *src, ip6_addr_t *dst);
char *ip6_ntoa(const ip6_addr_t *ip6);
#define ip6_aton ip6_pton
void ip6_checksum(void *buf, size_t len);
__END_DECLS
#endif /* DNET_IP6_H */

130
external/source/meterpreter/source/extensions/sniffer/dnet/os.h vendored Normal file
View File

@ -0,0 +1,130 @@
/*
* os.h
*
* Sleazy OS-specific defines.
*
* Copyright (c) 2000 Dug Song <dugsong@monkey.org>
*
* $Id: os.h,v 1.12 2005/02/15 05:31:00 dugsong Exp $
*/
#ifndef DNET_OS_H
#define DNET_OS_H
#ifdef _WIN32
# include <winsock2.h>
# include <windows.h>
/* XXX */
# undef IP_OPT_LSRR
# undef IP_OPT_TS
# undef IP_OPT_RR
# undef IP_OPT_SSRR
typedef u_char uint8_t;
typedef u_short uint16_t;
typedef u_int uint32_t;
# ifndef __CYGWIN__
typedef long ssize_t;
# endif
#else
# include <sys/param.h>
# include <sys/types.h>
# include <sys/socket.h>
# include <netinet/in.h>
# include <arpa/inet.h>
# include <netdb.h>
# ifdef __bsdi__
# include <machine/types.h>
typedef u_int8_t uint8_t;
typedef u_int16_t uint16_t;
typedef u_int32_t uint32_t;
typedef u_int64_t uint64_t;
# else
# include <inttypes.h>
# endif
#endif
#define DNET_LIL_ENDIAN 1234
#define DNET_BIG_ENDIAN 4321
/* BSD and IRIX */
#ifdef BYTE_ORDER
#if BYTE_ORDER == LITTLE_ENDIAN
# define DNET_BYTESEX DNET_LIL_ENDIAN
#elif BYTE_ORDER == BIG_ENDIAN
# define DNET_BYTESEX DNET_BIG_ENDIAN
#endif
#endif
/* Linux */
#ifdef __BYTE_ORDER
#if __BYTE_ORDER == __LITTLE_ENDIAN
# define DNET_BYTESEX DNET_LIL_ENDIAN
#elif __BYTE_ORDER == __BIG_ENDIAN
# define DNET_BYTESEX DNET_BIG_ENDIAN
#endif
#endif
/* Solaris */
#if defined(_BIT_FIELDS_LTOH)
# define DNET_BYTESEX DNET_LIL_ENDIAN
#elif defined (_BIT_FIELDS_HTOL)
# define DNET_BYTESEX DNET_BIG_ENDIAN
#endif
/* Win32 - XXX */
#ifdef _WIN32
# define DNET_BYTESEX DNET_LIL_ENDIAN
#endif
/* Nastiness from old BIND code. */
#ifndef DNET_BYTESEX
# if defined(vax) || defined(ns32000) || defined(sun386) || defined(i386) || \
defined(MIPSEL) || defined(_MIPSEL) || defined(BIT_ZERO_ON_RIGHT) || \
defined(__alpha__) || defined(__alpha)
# define DNET_BYTESEX DNET_LIL_ENDIAN
# elif defined(sel) || defined(pyr) || defined(mc68000) || defined(sparc) || \
defined(is68k) || defined(tahoe) || defined(ibm032) || defined(ibm370) || \
defined(MIPSEB) || defined(_MIPSEB) || defined(_IBMR2) || defined(DGUX) ||\
defined(apollo) || defined(__convex__) || defined(_CRAY) || \
defined(__hppa) || defined(__hp9000) || \
defined(__hp9000s300) || defined(__hp9000s700) || defined(__ia64) || \
defined (BIT_ZERO_ON_LEFT) || defined(m68k)
# define DNET_BYTESEX DNET_BIG_ENDIAN
# else
# error "bytesex unknown"
# endif
#endif
/* C++ support. */
#undef __BEGIN_DECLS
#undef __END_DECLS
#ifdef __cplusplus
# define __BEGIN_DECLS extern "C" {
# define __END_DECLS } /* extern "C" */
#else
# define __BEGIN_DECLS
# define __END_DECLS
#endif
/* Support for flexible arrays. */
#undef __flexarr
#if defined(__GNUC__) && ((__GNUC__ > 2) || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97))
/* GCC 2.97 supports C99 flexible array members. */
# define __flexarr []
#else
# ifdef __GNUC__
# define __flexarr [0]
# else
# if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L
# define __flexarr []
# elif defined(_WIN32)
/* MS VC++ */
# define __flexarr []
# else
/* Some other non-C99 compiler. Approximate with [1]. */
# define __flexarr [1]
# endif
# endif
#endif
#endif /* DNET_OS_H */

33
external/source/meterpreter/source/extensions/sniffer/dnet/rand.h vendored Normal file
View File

@ -0,0 +1,33 @@
/*
* rand.h
*
* Pseudo-random number generation, based on OpenBSD arc4random().
*
* Copyright (c) 2000 Dug Song <dugsong@monkey.org>
* Copyright (c) 1996 David Mazieres <dm@lcs.mit.edu>
*
* $Id: rand.h,v 1.4 2002/04/07 19:01:25 dugsong Exp $
*/
#ifndef DNET_RAND_H
#define DNET_RAND_H
typedef struct rand_handle rand_t;
__BEGIN_DECLS
rand_t *rand_open(void);
int rand_get(rand_t *r, void *buf, size_t len);
int rand_set(rand_t *r, const void *seed, size_t len);
int rand_add(rand_t *r, const void *buf, size_t len);
uint8_t rand_uint8(rand_t *r);
uint16_t rand_uint16(rand_t *r);
uint32_t rand_uint32(rand_t *r);
int rand_shuffle(rand_t *r, void *base, size_t nmemb, size_t size);
rand_t *rand_close(rand_t *r);
__END_DECLS
#endif /* DNET_RAND_H */

35
external/source/meterpreter/source/extensions/sniffer/dnet/route.h vendored Normal file
View File

@ -0,0 +1,35 @@
/*
* route.c
*
* Kernel route table operations.
*
* Copyright (c) 2000 Dug Song <dugsong@monkey.org>
*
* $Id: route.h,v 1.6 2002/02/04 04:02:22 dugsong Exp $
*/
#ifndef DNET_ROUTE_H
#define DNET_ROUTE_H
/*
* Routing table entry
*/
struct route_entry {
struct addr route_dst; /* destination address */
struct addr route_gw; /* gateway address */
};
typedef struct route_handle route_t;
typedef int (*route_handler)(const struct route_entry *entry, void *arg);
__BEGIN_DECLS
route_t *route_open(void);
int route_add(route_t *r, const struct route_entry *entry);
int route_delete(route_t *r, const struct route_entry *entry);
int route_get(route_t *r, struct route_entry *entry);
int route_loop(route_t *r, route_handler callback, void *arg);
route_t *route_close(route_t *r);
__END_DECLS
#endif /* DNET_ROUTE_H */

158
external/source/meterpreter/source/extensions/sniffer/dnet/tcp.h vendored Normal file
View File

@ -0,0 +1,158 @@
/*
* tcp.h
*
* Transmission Control Protocol (RFC 793).
*
* Copyright (c) 2000 Dug Song <dugsong@monkey.org>
*
* $Id: tcp.h,v 1.17 2004/02/23 10:02:11 dugsong Exp $
*/
#ifndef DNET_TCP_H
#define DNET_TCP_H
#define TCP_HDR_LEN 20 /* base TCP header length */
#define TCP_OPT_LEN 2 /* base TCP option length */
#define TCP_OPT_LEN_MAX 40
#define TCP_HDR_LEN_MAX (TCP_HDR_LEN + TCP_OPT_LEN_MAX)
#ifndef __GNUC__
# define __attribute__(x)
# pragma pack(1)
#endif
/*
* TCP header, without options
*/
struct tcp_hdr {
uint16_t th_sport; /* source port */
uint16_t th_dport; /* destination port */
uint32_t th_seq; /* sequence number */
uint32_t th_ack; /* acknowledgment number */
#if DNET_BYTESEX == DNET_BIG_ENDIAN
uint8_t th_off:4, /* data offset */
th_x2:4; /* (unused) */
#elif DNET_BYTESEX == DNET_LIL_ENDIAN
uint8_t th_x2:4,
th_off:4;
#else
# error "need to include <dnet.h>"
#endif
uint8_t th_flags; /* control flags */
uint16_t th_win; /* window */
uint16_t th_sum; /* checksum */
uint16_t th_urp; /* urgent pointer */
};
/*
* TCP control flags (th_flags)
*/
#define TH_FIN 0x01 /* end of data */
#define TH_SYN 0x02 /* synchronize sequence numbers */
#define TH_RST 0x04 /* reset connection */
#define TH_PUSH 0x08 /* push */
#define TH_ACK 0x10 /* acknowledgment number set */
#define TH_URG 0x20 /* urgent pointer set */
#define TH_ECE 0x40 /* ECN echo, RFC 3168 */
#define TH_CWR 0x80 /* congestion window reduced */
#define TCP_PORT_MAX 65535 /* maximum port */
#define TCP_WIN_MAX 65535 /* maximum (unscaled) window */
/*
* Sequence number comparison macros
*/
#define TCP_SEQ_LT(a,b) ((int)((a)-(b)) < 0)
#define TCP_SEQ_LEQ(a,b) ((int)((a)-(b)) <= 0)
#define TCP_SEQ_GT(a,b) ((int)((a)-(b)) > 0)
#define TCP_SEQ_GEQ(a,b) ((int)((a)-(b)) >= 0)
/*
* TCP FSM states
*/
#define TCP_STATE_CLOSED 0 /* closed */
#define TCP_STATE_LISTEN 1 /* listening from connection */
#define TCP_STATE_SYN_SENT 2 /* active, have sent SYN */
#define TCP_STATE_SYN_RECEIVED 3 /* have sent and received SYN */
#define TCP_STATE_ESTABLISHED 4 /* established */
#define TCP_STATE_CLOSE_WAIT 5 /* rcvd FIN, waiting for close */
#define TCP_STATE_FIN_WAIT_1 6 /* have closed, sent FIN */
#define TCP_STATE_CLOSING 7 /* closed xchd FIN, await FIN-ACK */
#define TCP_STATE_LAST_ACK 8 /* had FIN and close, await FIN-ACK */
#define TCP_STATE_FIN_WAIT_2 9 /* have closed, FIN is acked */
#define TCP_STATE_TIME_WAIT 10 /* in 2*MSL quiet wait after close */
#define TCP_STATE_MAX 11
/*
* Options (opt_type) - http://www.iana.org/assignments/tcp-parameters
*/
#define TCP_OPT_EOL 0 /* end of option list */
#define TCP_OPT_NOP 1 /* no operation */
#define TCP_OPT_MSS 2 /* maximum segment size */
#define TCP_OPT_WSCALE 3 /* window scale factor, RFC 1072 */
#define TCP_OPT_SACKOK 4 /* SACK permitted, RFC 2018 */
#define TCP_OPT_SACK 5 /* SACK, RFC 2018 */
#define TCP_OPT_ECHO 6 /* echo (obsolete), RFC 1072 */
#define TCP_OPT_ECHOREPLY 7 /* echo reply (obsolete), RFC 1072 */
#define TCP_OPT_TIMESTAMP 8 /* timestamp, RFC 1323 */
#define TCP_OPT_POCONN 9 /* partial order conn, RFC 1693 */
#define TCP_OPT_POSVC 10 /* partial order service, RFC 1693 */
#define TCP_OPT_CC 11 /* connection count, RFC 1644 */
#define TCP_OPT_CCNEW 12 /* CC.NEW, RFC 1644 */
#define TCP_OPT_CCECHO 13 /* CC.ECHO, RFC 1644 */
#define TCP_OPT_ALTSUM 14 /* alt checksum request, RFC 1146 */
#define TCP_OPT_ALTSUMDATA 15 /* alt checksum data, RFC 1146 */
#define TCP_OPT_SKEETER 16 /* Skeeter */
#define TCP_OPT_BUBBA 17 /* Bubba */
#define TCP_OPT_TRAILSUM 18 /* trailer checksum */
#define TCP_OPT_MD5 19 /* MD5 signature, RFC 2385 */
#define TCP_OPT_SCPS 20 /* SCPS capabilities */
#define TCP_OPT_SNACK 21 /* selective negative acks */
#define TCP_OPT_REC 22 /* record boundaries */
#define TCP_OPT_CORRUPT 23 /* corruption experienced */
#define TCP_OPT_SNAP 24 /* SNAP */
#define TCP_OPT_TCPCOMP 26 /* TCP compression filter */
#define TCP_OPT_MAX 27
#define TCP_OPT_TYPEONLY(type) \
((type) == TCP_OPT_EOL || (type) == TCP_OPT_NOP)
/*
* TCP option (following TCP header)
*/
struct tcp_opt {
uint8_t opt_type; /* option type */
uint8_t opt_len; /* option length >= TCP_OPT_LEN */
union tcp_opt_data {
uint16_t mss; /* TCP_OPT_MSS */
uint8_t wscale; /* TCP_OPT_WSCALE */
uint16_t sack[19]; /* TCP_OPT_SACK */
uint32_t echo; /* TCP_OPT_ECHO{REPLY} */
uint32_t timestamp[2]; /* TCP_OPT_TIMESTAMP */
uint32_t cc; /* TCP_OPT_CC{NEW,ECHO} */
uint8_t cksum; /* TCP_OPT_ALTSUM */
uint8_t md5[16]; /* TCP_OPT_MD5 */
uint8_t data8[TCP_OPT_LEN_MAX - TCP_OPT_LEN];
} opt_data;
} __attribute__((__packed__));
#ifndef __GNUC__
# pragma pack()
#endif
#define tcp_pack_hdr(hdr, sport, dport, seq, ack, flags, win, urp) do { \
struct tcp_hdr *tcp_pack_p = (struct tcp_hdr *)(hdr); \
tcp_pack_p->th_sport = htons(sport); \
tcp_pack_p->th_dport = htons(dport); \
tcp_pack_p->th_seq = htonl(seq); \
tcp_pack_p->th_ack = htonl(ack); \
tcp_pack_p->th_x2 = 0; tcp_pack_p->th_off = 5; \
tcp_pack_p->th_flags = flags; \
tcp_pack_p->th_win = htons(win); \
tcp_pack_p->th_urp = htons(urp); \
} while (0)
#endif /* DNET_TCP_H */

25
external/source/meterpreter/source/extensions/sniffer/dnet/tun.h vendored Normal file
View File

@ -0,0 +1,25 @@
/*
* tun.h
*
* Network tunnel device.
*
* Copyright (c) 2001 Dug Song <dugsong@monkey.org>
*
* $Id: tun.h,v 1.2 2005/01/25 21:29:12 dugsong Exp $
*/
#ifndef DNET_TUN_H
#define DNET_TUN_H
typedef struct tun tun_t;
__BEGIN_DECLS
tun_t *tun_open(struct addr *src, struct addr *dst, int mtu);
int tun_fileno(tun_t *tun);
const char *tun_name(tun_t *tun);
ssize_t tun_send(tun_t *tun, const void *buf, size_t size);
ssize_t tun_recv(tun_t *tun, void *buf, size_t size);
tun_t *tun_close(tun_t *tun);
__END_DECLS
#endif /* DNET_TUN_H */

32
external/source/meterpreter/source/extensions/sniffer/dnet/udp.h vendored Normal file
View File

@ -0,0 +1,32 @@
/*
* udp.h
*
* User Datagram Protocol (RFC 768).
*
* Copyright (c) 2000 Dug Song <dugsong@monkey.org>
*
* $Id: udp.h,v 1.8 2002/04/02 05:05:39 dugsong Exp $
*/
#ifndef DNET_UDP_H
#define DNET_UDP_H
#define UDP_HDR_LEN 8
struct udp_hdr {
uint16_t uh_sport; /* source port */
uint16_t uh_dport; /* destination port */
uint16_t uh_ulen; /* udp length (including header) */
uint16_t uh_sum; /* udp checksum */
};
#define UDP_PORT_MAX 65535
#define udp_pack_hdr(hdr, sport, dport, ulen) do { \
struct udp_hdr *udp_pack_p = (struct udp_hdr *)(hdr); \
udp_pack_p->uh_sport = htons(sport); \
udp_pack_p->uh_dport = htons(dport); \
udp_pack_p->uh_ulen = htons(ulen); \
} while (0)
#endif /* DNET_UDP_H */

32
external/source/meterpreter/source/extensions/sniffer/sniffer.c vendored
View File

@ -167,10 +167,10 @@ void __stdcall sniffer_receive(DWORD_PTR Param, DWORD_PTR ThParam, HANDLE hPacke
HANDLE pkt;
unsigned char *pktbuf;
unsigned char *pktmax;
ETHERNET_HEADER *eth;
IP_HEADER *ip;
TCP_HEADER *tcp;
// UDP_HEADER *udp;
struct eth_hdr *eth;
struct ip_hdr *ip;
struct tcp_hdr *tcp;
// struct udp_hdr *udp;
j = (CaptureJob *)Param;
@ -184,41 +184,41 @@ void __stdcall sniffer_receive(DWORD_PTR Param, DWORD_PTR ThParam, HANDLE hPacke
// Traffic filtering goes here
do {
// Skip matching on short packets
if(IncPacketSize < sizeof(ETHERNET_HEADER)+sizeof(IP_HEADER)+sizeof(TCP_HEADER)){
if(IncPacketSize < ETH_HDR_LEN + IP_HDR_LEN + TCP_HDR_LEN){
dprintf("sniffer>> skipping exclusion because the packet is too small");
break;
}
// Match IP packets
if(! peername4) {
if(!peername4) {
dprintf("sniffer>> skipping exclusion because peername4 is not defined");
break;
}
// Skip non-IP packets
eth = (ETHERNET_HEADER *) pktbuf;
if(ntohs(eth->EthType) != ETHERTYPE_IP) {
eth = (struct eth_hdr *) pktbuf;
if(ntohs(eth->eth_type) != ETH_TYPE_IP) {
dprintf("sniffer>> skipping non-IP packet from filter");
break;
}
// Skip non-TCP/UDP packets
ip = (IP_HEADER *)&pktbuf[sizeof(ETHERNET_HEADER)];
if(ip->Protocol != IPPROTO_TCP && ip->Protocol != IPPROTO_UDP) {
dprintf("sniffer>> skipping non-TCP/UDP packet from filter: %d", ip->Protocol);
ip = (struct ip_hdr *) &pktbuf[ETH_HDR_LEN];
if(ip->ip_p != IP_PROTO_TCP && ip->ip_p != IP_PROTO_UDP) {
dprintf("sniffer>> skipping non-TCP/UDP packet from filter: %d", ip->ip_p);
break;
}
if(ip->Protocol == IPPROTO_TCP) {
tcp = (TCP_HEADER *)&pktbuf[sizeof(ETHERNET_HEADER) + (ip->Len * 4)];
if( (unsigned char *)tcp + sizeof(TCP_HEADER) > pktmax) {
if(ip->ip_p == IP_PROTO_TCP) {
tcp = (struct tcp_hdr *) &pktbuf[ETH_HDR_LEN + (ip->ip_hl * 4)];
if( (unsigned char *)tcp + TCP_HDR_LEN > pktmax) {
dprintf("sniffer>> TCP packet is too short");
break;
}
// Ignore our own control session's traffic
if ( (memcmp(&ip->SrcAddr, &peername4->sin_addr, 4) == 0 && tcp->Sport == peername4->sin_port) ||
(memcmp(&ip->DestAddr, &peername4->sin_addr, 4) == 0 && tcp->Dport == peername4->sin_port) ) {
if ( (memcmp(&ip->ip_src, &peername4->sin_addr, 4) == 0 && tcp->th_sport == peername4->sin_port) ||
(memcmp(&ip->ip_dst, &peername4->sin_addr, 4) == 0 && tcp->th_dport == peername4->sin_port) ) {
return;
}
// TODO: Scan through a list of included/excluded ports

6
external/source/meterpreter/source/extensions/sniffer/sniffer.h vendored
View File

@ -6,11 +6,7 @@
#include <ws2tcpip.h>
#include "HNPsSdkUser.h"
#include "ethernet.h"
#include "ip.h"
#include "tcp.h"
#include "udp.h"
#include "dnet.h"
typedef struct capturejob
{