38 #include <arpa/inet.h> 51 #ifdef BSD_BYTE_ORDERING 55 # define FIX(n) htons(n) 56 # define UNFIX(n) ntohs(n) 125 #define TCP_FLAG_RST 0x0004 126 #define TCP_FLAG_ACK 0x0010 127 #define TCP_FLAG_PUSH 0x0008 141 struct sockaddr_in
in;
/*
 * which_ttl (fragment: source lines 156-188; the lines in between are not
 * shown on this page).  Computes `ttl` from `old_ttl`.  How `method` selects
 * a branch and how the result is used are not visible in this excerpt.
 */
156 which_ttl (method, old_ttl)
/* The hop estimate starts out as the observed TTL value itself. */
174 int num_hops = old_ttl;
179 else if (num_hops < 64)
183 else if (num_hops < 128)
/*
 * Visible arms subtract the observed value from 128 or 255, presumably the
 * next common initial TTL above it.  The arms for the lower thresholds are
 * not visible here.
 */
185 ttl = 128 - num_hops;
188 ttl = 255 - num_hops;
/*
 * Opens the Linux procfs entry that holds the host's default IPv4 TTL.
 * The enclosing function and any check of `f` are not visible in this
 * excerpt.
 */
197 f = open (
"/proc/sys/net/ipv4/ip_default_ttl", O_RDONLY);
/*
 * Reads at most sizeof (rd) - 1 bytes, which leaves room for a terminator.
 * NOTE(review): read()'s return value appears to be discarded on this line;
 * confirm the full source terminates `rd` and handles a short or failed
 * read before parsing it.
 */
209 read (f, rd,
sizeof (rd) - 1);
/*
 * Checksum helper (fragment: source lines 236-253).  Presumably the body of
 * in_cksum(), which is called at source line 287; the signature and the
 * summing loop are not visible on this page.
 */
236 register u_short answer;
237 register long sum = 0;
238 u_short odd_byte = 0;
/*
 * Trailing odd byte: copied into the first byte of the zeroed `odd_byte`,
 * presumably so it can be added to `sum` as a 16-bit word.
 */
249 *(u_char *) (&odd_byte) = *(u_char *) p;
/* Fold the carries above bit 15 back into the low 16 bits. */
253 sum = (sum >> 16) + (sum & 0xffff);
/*
 * tcp_cksum (fragment: source lines 261-287; several lines are missing).
 * Assembles pseudo-header + TCP header + `len` payload bytes in a scratch
 * buffer and hands that buffer to in_cksum().  Where the result is stored
 * is not visible in this excerpt.
 *
 * NOTE(review): the payload offset is derived from header fields of
 * `packet` (ip_hl, th_off) and `len` comes from the caller.  No bounds
 * check is visible here; confirm callers guarantee that `packet` really
 * covers ip_hl * 4 + th_off * 4 + len bytes.
 */
261 tcp_cksum (packet, len)
/*
 * Zero-filled scratch buffer: pseudo-header, payload and one spare byte.
 * NOTE(review): the matching g_free() is not visible in this excerpt.
 */
266 char *tcpsumdata = g_malloc0 (
sizeof (
struct pseudohdr) + len + 1);
267 struct in_addr source, dest;
/* Payload start = packet + IP header length + TCP header length, both in
 * 32-bit words taken from the packet itself. */
270 char *data = (
char *) (packet + ip->
ip_hl * 4 + tcp->
th_off * 4);
272 source.s_addr = ip->ip_src.s_addr;
273 dest.s_addr = ip->
ip_dst.s_addr;
/*
 * NOTE(review): the literal 12 presumably stands for the address, protocol
 * and length fields that precede the TCP header in the pseudo-header.
 * sizeof (pseudoheader) would not depend on that layout assumption.
 */
275 bzero (&pseudoheader, 12 +
sizeof (
struct tcp_packet));
276 pseudoheader.saddr.s_addr = source.s_addr;
277 pseudoheader.daddr.s_addr = dest.s_addr;
279 pseudoheader.protocol = IPPROTO_TCP;
/*
 * TCP length in network byte order.  htons() keeps only 16 bits.
 * NOTE(review): this uses the fixed sizeof (struct tcp_packet), while `data`
 * above is located with th_off.  The two agree only when the TCP header
 * carries no options.
 */
280 pseudoheader.length = htons (
sizeof (
struct tcp_packet) + len);
/* Copy the TCP header into the pseudo-header (the length argument is on a
 * line not shown). */
281 bcopy ((
char *) tcp, (
char *) &pseudoheader.tcpheader,
/* Scratch buffer layout: pseudo-header first, then `len` payload bytes. */
284 bcopy ((
char *) &pseudoheader, tcpsumdata,
sizeof (
struct pseudohdr));
285 bcopy ((
char *) data, tcpsumdata +
sizeof (
struct pseudohdr), len);
/* Checksum over the assembled buffer (the length argument is not shown). */
287 in_cksum ((
unsigned short *) tcpsumdata,
/*
 * inject (fragment: source lines 327-421; many lines are missing).
 * Builds a TCP/IPv4 packet modelled on a captured one, with addresses
 * swapped and sequence/ack fields taken from the captured header, then
 * transmits it on a raw socket.
 */
327 inject (orig_packet, packet_len, method, flags, data, data_len)
329 unsigned int packet_len;
343 struct sockaddr_in sockaddr;
/*
 * The captured bytes are reinterpreted as an IPv4 header.
 * NOTE(review): no comparison of packet_len against the header sizes is
 * visible in this excerpt; confirm one precedes this cast.
 */
350 old_ip = (
struct ip_packet *) orig_packet;
/*
 * Raw IPv4 socket; with IP_HDRINCL the caller supplies the IP header.
 * Creating it normally requires elevated privileges.
 * NOTE(review): checks of the socket()/setsockopt() results and a matching
 * close() are not visible here.
 */
358 soc = socket (AF_INET, SOCK_RAW, IPPROTO_RAW);
362 setsockopt (soc, IPPROTO_IP, IP_HDRINCL, &one,
sizeof (one));
/* Zero-filled output buffer; the computation of tot_len is not visible. */
363 packet = g_malloc0 (tot_len);
/*
 * Payload is written at offset sizeof (struct ip_packet).
 * NOTE(review): where `tcp` points is not visible.  If the TCP header sits
 * directly after the IP header, the memcpy at source line 390 would
 * overwrite these bytes.  Confirm against the full source.
 */
368 for (i = 0; i < data_len; i++)
369 packet[i +
sizeof (
struct ip_packet)] = data[i];
/* Start from a copy of the captured IP header. */
379 memcpy (ip, old_ip,
sizeof (
struct ip_packet));
/* Source and destination are swapped relative to the captured packet. */
384 ip->ip_src.s_addr = old_ip->
ip_dst.s_addr;
385 ip->
ip_dst.s_addr = old_ip->ip_src.s_addr;
/* Start from a copy of the captured TCP header. */
390 memcpy (tcp, old_tcp,
sizeof (
struct tcp_packet));
/*
 * Two alternative ack values: captured sequence number + 1 (computed in
 * host order), or the captured sequence number unchanged.  The condition
 * that selects between them is not visible.
 */
393 tcp->
th_ack = htonl (ntohl (old_tcp->th_seq) + 1);
395 tcp->
th_ack = old_tcp->th_seq;
/* The new sequence number is the captured acknowledgement number. */
397 tcp->
th_seq = old_tcp->th_ack;
403 tcp_cksum (packet, data_len);
/* Destination address for the send call below. */
411 bzero (&sockaddr,
sizeof (sockaddr));
412 sockaddr.sin_family = AF_INET;
413 sockaddr.sin_addr.s_addr = ip->
ip_dst.s_addr;
/* Argument list of the transmit call; the callee's name is on a line not
 * shown (the message below names sendto()). */
417 (soc, packet, tot_len, 0, (
struct sockaddr *) &sockaddr,
418 sizeof (sockaddr)) < 0)
421 (
"openvas-libraries : libopenvas : ids_send.c : inject() : sendto() ");
/*
 * injectv6 (fragment: source lines 430-515; many lines are missing).
 * IPv6 counterpart of inject(): copies the captured IPv6 and TCP headers,
 * swaps the addresses and transmits the result on a raw AF_INET6 socket.
 */
430 injectv6 (orig_packet, packet_len, method, flags, data, data_len)
432 unsigned int packet_len;
445 struct sockaddr_in6 sockaddr6;
/*
 * The TCP header is assumed to sit at fixed offset 40, directly after the
 * fixed IPv6 header.
 * NOTE(review): extension headers are not accounted for on this line, and
 * no check of packet_len is visible in this excerpt.
 */
451 old_tcp = (
struct tcp_packet *) (orig_packet + 40);
/* NOTE(review): a check of the socket() result and a matching close() are
 * not visible here. */
453 soc = socket (AF_INET6, SOCK_RAW, IPPROTO_RAW);
457 packet = g_malloc0 (tot_len);
462 for (i = 0; i < data_len; i++)
/* Start from a copy of the captured IPv6 header. */
475 memcpy (ip6, old_ip6,
sizeof (
struct ipv6_header));
/* Source and destination are swapped relative to the captured packet. */
482 memcpy (&ip6->
ip6_src, &old_ip6->
ip6_dst, sizeof (
struct in6_addr));
483 memcpy (&ip6->
ip6_dst, &old_ip6->
ip6_src, sizeof (
struct in6_addr));
485 memcpy (tcp, old_tcp,
sizeof (
struct tcp_packet));
/*
 * NOTE(review): the tcp_cksum() lines visible on this page read IPv4 header
 * fields (ip_hl, ip_src.s_addr).  Confirm the checksum it produces is valid
 * for a packet that starts with an IPv6 header.
 */
498 tcp_cksum (packet, data_len);
/* Destination address for the send call below. */
506 bzero (&sockaddr6,
sizeof (sockaddr6));
507 sockaddr6.sin6_family = AF_INET6;
508 sockaddr6.sin6_addr = ip6->
ip6_dst;
511 (soc, packet, tot_len, 0, (
struct sockaddr *) &sockaddr6,
512 sizeof (sockaddr6)) < 0)
/* NOTE(review): the message names inject() although this is injectv6(), so
 * a logged failure cannot be attributed to the IPv6 path. */
515 (
"openvas-libraries : libopenvas : ids_send.c : inject() : sendto() ");
/*
 * Locals and statements from what appears to be
 * ids_send (fd, buf0, n, method), the signature listed in this page's
 * cross-reference index (fragment: source lines 530-683).
 * Visible behaviour: look up the peer of `fd`, build a capture filter for
 * the peer's replies, send single bytes of `buf`, and in one path fall
 * through to a plain send() of the whole buffer.
 */
530 struct in_addr dst, src;
531 struct in6_addr dst6, src6;
532 struct sockaddr_in6 sockaddr6;
533 struct sockaddr_in *saddr;
538 char *src_host, *dst_host;
542 char *buf = (
char *) buf0;
/* NOTE(review): `sz` is passed by address to getpeername(), which expects a
 * socklen_t *.  The types match only where socklen_t is unsigned int. */
543 unsigned int sz =
sizeof (sockaddr6);
545 unsigned char *packet;
547 char hostname[INET6_ADDRSTRLEN];
550 if (getpeername (fd, &(su->
sockaddr), &sz) < 0)
552 perror (
"getpeername() ");
556 if (sa->sa_family == AF_INET)
560 port = ntohs (saddr->sin_port);
561 dst.s_addr = saddr->sin_addr.s_addr;
/*
 * inet_ntoa() returns a pointer to a static buffer, so each result is
 * duplicated before the next call.
 * NOTE(review): the matching g_free() calls are not visible here.
 */
565 src_host = g_strdup (inet_ntoa (src));
566 dst_host = g_strdup (inet_ntoa (dst));
/*
 * Bounded by sizeof (filter).  The argument order makes the filter match
 * TCP segments travelling from the peer (dst_host, source port `port`)
 * back to the local address (src_host).
 */
568 snprintf (filter,
sizeof (filter),
569 "tcp and (src host %s and dst host %s and src port %d)",
570 dst_host, src_host, port);
578 port = ntohs (sockaddr6.sin6_port);
579 memcpy (&dst6, &sockaddr6.sin6_addr, sizeof (
struct in6_addr));
580 bzero (&src6,
sizeof (src6));
/*
 * Both conversions reuse `hostname`; duplicating each result right away
 * keeps them distinct.
 * NOTE(review): inet_ntop() returns NULL on failure and g_strdup (NULL)
 * yields NULL, which would then reach the %s conversions below.  Confirm
 * this is handled.
 */
584 g_strdup (inet_ntop (AF_INET6, &src6, hostname,
sizeof (hostname)));
586 g_strdup (inet_ntop (AF_INET6, &dst6, hostname,
sizeof (hostname)));
587 snprintf (filter,
sizeof (filter),
588 "tcp and (src host %s and dst host %s and src port %d)",
589 dst_host, src_host, port);
/* Sends exactly one byte, taken at offset `ret` of the buffer. */
597 e = send (fd, buf + ret, 1, 0);
/* Each count is 0, 1 or 2, derived from rand().  Where and whether the
 * generator is seeded is not visible here. */
611 int num_before = (rand () / 1000) % 3;
612 int num_after = (rand () / 1000) % 3;
615 if (!num_before && !num_after)
628 for (i = 0; i < num_before; i++)
/* Inner loops are capped at 10 iterations; their bodies are not visible
 * apart from the address-family test. */
632 for (j = 0; j < 10; j++)
634 if (family == AF_INET)
646 e = send (fd, buf + ret, 1, 0);
651 for (i = 0; i < num_after; i++)
655 for (j = 0; j < 10; j++)
657 if (family == AF_INET)
671 e = send (fd, buf + ret, 1, 0);
/* Plain path: hand the whole buffer to send() unchanged. */
683 return send (fd, buf, n, 0);
/*
 * Locals and statements from what is presumably
 * ids_open_sock_tcp (args, port, method, timeout), the signature listed in
 * this page's cross-reference index (fragment: source lines 695-751).
 * Visible behaviour: derive printable source/destination addresses, build a
 * capture filter and fetch one captured packet.
 */
695 struct in_addr dst, src;
/* NOTE(review): dst6 starts out NULL and is dereferenced at source line 711.
 * The assignment in between is not visible; confirm it is checked for NULL. */
696 struct in6_addr *dst6 = NULL, src6;
699 char *src_host, *dst_host;
702 char hostname[INET6_ADDRSTRLEN];
/* IPv4-mapped IPv6 address: the last 32 bits carry the IPv4 address.
 * s6_addr32 is a platform-specific member of struct in6_addr. */
711 if (IN6_IS_ADDR_V4MAPPED (dst6))
714 dst.s_addr = dst6->s6_addr32[3];
/* inet_ntoa() reuses a static buffer, hence the immediate duplication.
 * NOTE(review): the matching g_free() calls are not visible here. */
717 src_host = g_strdup (inet_ntoa (src));
718 dst_host = g_strdup (inet_ntoa (dst));
/* NOTE(review): inet_ntop() may return NULL; g_strdup (NULL) is NULL and
 * would reach the %s conversions below. */
725 g_strdup (inet_ntop (AF_INET6, &src6, hostname,
sizeof (hostname)));
727 g_strdup (inet_ntop (AF_INET6, dst6, hostname,
sizeof (hostname)));
/* Bounded by sizeof (filter); the remaining arguments are on a line not
 * shown. */
730 snprintf (filter,
sizeof (filter),
731 "tcp and (src host %s and dst host %s and src port %d)", dst_host,
/* Fetch one captured packet and its captured length.
 * NOTE(review): a NULL check on the result is not visible in this excerpt. */
744 unsigned char *packet =
bpf_next (bpf, &len);
751 if (family == AF_INET)
char * v6_routethrough(struct in6_addr *dest, struct in6_addr *source)
An awesome function to determine what interface a packet to a given destination should be routed thro...
#define OPENVAS_CNX_IDS_EVASION_SHORT_TTL
int ids_open_sock_tcp(struct arglist *args, int port, int method, int timeout)
struct tcp_packet tcpheader
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
int get_datalink_size(int datalink)
int bpf_datalink(int bpf)
int open_sock_tcp(struct arglist *args, unsigned int port, int timeout)
struct in_addr ip_src ip_dst
int ids_send(int fd, void *buf0, int n, int method)
int bpf_open_live(char *iface, char *filter)
struct in6_addr * plug_get_host_ip(struct arglist *desc)
char * routethrough(struct in_addr *dest, struct in_addr *source)
An awesome function to determine what interface a packet to a given destination should be routed thro...
#define OPENVAS_CNX_IDS_EVASION_FAKE_RST
u_char * bpf_next(int bpf, int *caplen)