Bytesaber generates various TCP packets on request; it was written to help debug a TCP-fingerprinting-based OS detection routine.
2de63e891b1fb23cb09736cc0e35e12c76ff54126034a2e8789f27af095786c8
/*-----------------------< Bytesaber v1.0 by SectorX >----------------------*
This is just a little proggie that generates various TCP packets by
your request. I wrote this while writing a TCP fingerprinting based
OS detection routine, and i needed something to debug my packets with ...
This was coded in a rush so dont expect much of it.
umm, btw :
greetz to: missnglnk and kmissngln (=missnglnk, KDE version ;),
ti, ^moo^ and the rest of the #include people,
jmp_dollar, FrogFoot, Kes0r, Prodigy4 and some other people
i forgot to greet ...
*--------------------< SectorX (sectorx@digitalphobia.com) >----------------*/
#include <stdio.h>
#include <stdlib.h>
#include <signal.h>
#include <string.h>
#include <unistd.h>
#include <netinet/in.h>
#include <linux/ip.h>
#include <linux/tcp.h>
#include <arpa/inet.h>
#include <sys/socket.h>
/*
 * Selector values for the flag combination to send, as typed on the command
 * line (see the usage text in main). These are menu indices, not TCP header
 * flag bit masks: SX_packet() switches on them and sets the matching
 * bit-fields of struct tcphdr.
 */
#define TCP_FIN 0x01
#define TCP_SYN 0x02
#define TCP_ACK 0x03
#define TCP_PSH 0x04
#define TCP_URG 0x05
#define TCP_RST 0x06
#define TCP_FIN_SYN 0x07
#define TCP_SYN_ACK 0x08
/* Sequence number copied into every outgoing packet; main() may override it from argv[6]. */
int seqnumber = 1;
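/*
 * One IPv4/TCP datagram as read from the raw socket.
 * The layout assumes a 20-byte IP header followed by a 20-byte TCP header;
 * whatever follows those 40 bytes (TCP options included) ends up in data[].
 */
typedef struct {
    struct iphdr ip;
    struct tcphdr tcp;
    unsigned char data[65535];
} packet;

/*
 * Block on `sock` until a TCP segment addressed to local port `sport` arrives.
 *
 * sock  - descriptor to read() whole datagrams from (a raw TCP socket in main).
 * sport - port, in host byte order, that the reply must be addressed to.
 *
 * Returns the matching packet. On end-of-file or a read error the socket is
 * closed and an all-zero packet is returned, so callers never see
 * uninitialised stack contents.
 *
 * Everything read here is attacker-controllable network input, so:
 *  - the buffer is zeroed before every read, which keeps data[] NUL-terminated
 *    (at most sizeof data bytes are read into a struct 40 bytes larger);
 *  - datagrams too short to hold both headers are ignored instead of being
 *    matched against stale bytes;
 *  - if the IP header carries options, the TCP segment is moved down so that
 *    pkt.tcp really is the TCP header.
 */
packet SX_recvpacket(int sock, unsigned short sport)
{
    packet pkt;
    ssize_t got;
    size_t ip_len;

    for (;;) {
        memset(&pkt, 0, sizeof pkt);
        got = read(sock, &pkt, sizeof pkt.data);
        if (got <= 0) {
            /* 0 = EOF, -1 = error; the original looped forever on -1. */
            break;
        }

        ip_len = (size_t)pkt.ip.ihl * 4;
        if (ip_len < sizeof pkt.ip || (size_t)got < ip_len + sizeof pkt.tcp) {
            continue; /* malformed or truncated: no complete TCP header */
        }

        if (ip_len > sizeof pkt.ip) {
            size_t seg_len = (size_t)got - ip_len;

            /* Overlapping regions, hence memmove rather than memcpy. */
            memmove(&pkt.tcp, (unsigned char *)&pkt + ip_len, seg_len);
            /* Clear the stale tail left behind by the move. */
            memset((unsigned char *)&pkt + sizeof pkt.ip + seg_len, 0,
                   ip_len - sizeof pkt.ip);
        }

        if (pkt.tcp.dest == htons(sport)) {
            return pkt;
        }
    }

    close(sock);
    memset(&pkt, 0, sizeof pkt);
    return pkt;
}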
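/*
 * Internet checksum: the one's-complement of the one's-complement sum of the
 * buffer taken as 16-bit words.
 *
 * ptr    - start of the buffer (read byte-wise, so it need not be aligned).
 * nbytes - number of bytes to cover; a trailing odd byte is treated as the
 *          first byte of a zero-padded word. Values <= 0 sum nothing.
 *
 * Returns the checksum in the same byte order as the words in memory, i.e.
 * ready to be stored directly into a header field.
 *
 * Changes from the original: the accumulator is unsigned and is folded
 * whenever it gets close to 32 bits, so long buffers can no longer overflow a
 * signed long or leave carries unfolded; the final fold repeats until no
 * carry remains; and the non-standard u_short/u_char types are gone.
 */
unsigned short do_sum(unsigned short *ptr, int nbytes)
{
    const unsigned char *bytes = (const unsigned char *)ptr;
    unsigned long sum = 0;
    unsigned short word;

    while (nbytes > 1) {
        /* memcpy avoids alignment and aliasing assumptions about the caller's buffer. */
        memcpy(&word, bytes, 2);
        sum += word;
        if (sum & 0x80000000UL) {
            sum = (sum & 0xFFFF) + (sum >> 16);
        }
        bytes += 2;
        nbytes -= 2;
    }

    if (nbytes == 1) {
        word = 0;
        memcpy(&word, bytes, 1); /* odd byte occupies the first byte of the word */
        sum += word;
    }

    while (sum >> 16) {
        sum = (sum & 0xFFFF) + (sum >> 16);
    }
    return (unsigned short)(~sum & 0xFFFF);
}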
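/*
 * Build a bare 20-byte TCP header with the requested flag combination and
 * send it to dst_addr:dstport over a raw TCP socket.
 *
 * src_addr, dst_addr - IPv4 addresses in network byte order (as returned by
 *                      inet_addr()).
 * srcport, dstport   - ports in host byte order.
 * flag               - one of the TCP_* selector values.
 *
 * Returns the raw socket descriptor so the caller can read the reply and
 * close it, or -1 if the flag is unknown, the socket cannot be created, or
 * the send fails.
 *
 * Notes:
 *  - The socket is opened without IP_HDRINCL and only the TCP header is
 *    handed to sendto(), so the IP header is built by the kernel. src_addr
 *    is therefore used only in the checksum pseudo-header; if it differs
 *    from the address the kernel selects, the TCP checksum will not verify.
 *  - The header and pseudo-header are zeroed first so that reserved bits and
 *    any padding never carry uninitialised stack bytes onto the wire or into
 *    the checksum.
 *  - The sequence number is converted with htonl(); the original stored it
 *    in host byte order.
 */
int SX_packet(unsigned int src_addr, unsigned int dst_addr,
              unsigned short srcport, unsigned short dstport,
              unsigned int flag)
{
    struct tcphdr outgoing;
    struct sockaddr_in SX;
    /* TCP checksum pseudo-header followed by a copy of the TCP header. */
    struct w00 {
        unsigned int src;
        unsigned int dst;
        unsigned char ph;
        unsigned char protocol;
        unsigned short length;
        struct tcphdr tcp;
    } w00;
    int sock;

    memset(&outgoing, 0, sizeof outgoing);
    outgoing.source = htons(srcport);
    outgoing.dest = htons(dstport);
    outgoing.seq = htonl((unsigned int)seqnumber);
    outgoing.doff = 5; /* header length in 32-bit words: no TCP options */

    switch (flag) {
    case TCP_FIN:
        outgoing.fin = 1;
        break;
    case TCP_SYN:
        outgoing.syn = 1;
        break;
    case TCP_ACK:
        outgoing.ack = 1;
        break;
    case TCP_PSH:
        outgoing.psh = 1;
        break;
    case TCP_URG:
        outgoing.urg = 1;
        break;
    case TCP_RST:
        outgoing.rst = 1;
        break;
    case TCP_FIN_SYN:
        outgoing.fin = 1;
        outgoing.syn = 1;
        break;
    case TCP_SYN_ACK:
        outgoing.syn = 1;
        outgoing.ack = 1;
        break;
    default:
        printf("Unknown(?) packet flag\n");
        /* The original fell out with a bare `return;`, handing the caller garbage. */
        return -1;
    }
    outgoing.window = htons(512);

    memset(&w00, 0, sizeof w00);
    w00.src = src_addr;
    w00.dst = dst_addr;
    w00.protocol = IPPROTO_TCP;
    w00.length = htons(sizeof outgoing);
    memcpy(&w00.tcp, &outgoing, sizeof outgoing);
    outgoing.check = do_sum((unsigned short *)&w00, (int)sizeof w00);

    memset(&SX, 0, sizeof SX);
    SX.sin_family = AF_INET;
    SX.sin_port = htons(dstport);
    SX.sin_addr.s_addr = dst_addr;

    if ((sock = socket(AF_INET, SOCK_RAW, IPPROTO_TCP)) == -1) {
        perror("socket() ");
        return -1;
    }

    /* A failed or short send means no reply will ever come; report it instead
     * of letting the caller block on the socket. */
    if (sendto(sock, &outgoing, sizeof outgoing, 0,
               (struct sockaddr *)&SX, sizeof SX) != (ssize_t)sizeof outgoing) {
        perror("sendto() ");
        close(sock);
        return -1;
    }
    return sock;
}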
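/* Parse a whole decimal argument into *out; returns 0 on success, -1 if it is not a number in [lo, hi]. */
static int parse_arg(const char *text, long lo, long hi, long *out)
{
    char *end;
    long value = strtol(text, &end, 10);

    if (end == text || *end != '\0' || value < lo || value > hi) {
        return -1;
    }
    *out = value;
    return 0;
}

/* Print at most len payload bytes, stopping at the first NUL and showing non-printable bytes as '.'. */
static void print_payload(const unsigned char *data, size_t len)
{
    size_t i;

    for (i = 0; i < len && data[i] != '\0'; i++) {
        unsigned char c = data[i];

        putchar(((c >= 0x20 && c < 0x7f) || c == '\n' || c == '\t') ? c : '.');
    }
}

/*
 * Command-line driver: send one TCP packet with the chosen flags and dump the
 * TCP header of the first reply addressed to the source port.
 *
 * usage: prog <source ip> <dest ip> <source port> <dest port> [num] [seq]
 *
 * Changes from the original:
 *  - [num] is honoured when [seq] is also given (the original only read it
 *    when exactly six arguments were passed);
 *  - addresses, ports, flag selector and sequence number are validated
 *    instead of being passed through atoi()/inet_addr() unchecked;
 *  - a failed SX_packet() stops the program instead of reading from fd -1;
 *  - the reply payload is remote, untrusted data: it is printed with a length
 *    bound and with control bytes replaced, so it can neither run past the
 *    buffer nor inject terminal escape sequences.
 */
int main(int argc, char *argv[])
{
    unsigned int src, dst;
    unsigned short sprt, dprt;
    long value;
    int sock;
    int flag = TCP_SYN;
    size_t total, headers, data_len;
    packet pkt;

    /* NOTE(review): system() resolves "clear" through the shell and PATH while
     * this tool is normally run as root; kept for identical behaviour, but an
     * absolute path or dropping the call would be safer. */
    system("clear");
    printf(" Bytesaber v1.0 by SectorX\n");
    printf(" <--------------------------->\n\n");
    if (getuid() != 0) printf("***{ WARNING : RAW SOCKETS REQUIRES ROOT! }***\n");

    if (argc < 5) {
        fprintf(stderr, "\nusage: %s <source ip> <dest ip> <source port> <dest port> [num] [seq]\n\n",argv[0]);
        fprintf(stderr, "[num] is the tcp flags to set, default = SYN\n");
        fprintf(stderr, "1 = FIN :: 2 = SYN :: 3 = ACK :: 4 = PSH :: 5 = URG\n");
        fprintf(stderr, "6 = RST :: 7 = FIN+SYN :: 8 = SYN+ACK\n\n");
        exit(1);
    }

    if (argc >= 6) {
        if (parse_arg(argv[5], TCP_FIN, TCP_SYN_ACK, &value) != 0) {
            fprintf(stderr, "invalid flag selector: %s\n", argv[5]);
            exit(1);
        }
        flag = (int)value;
    }
    if (argc >= 7) {
        if (parse_arg(argv[6], -2147483647L - 1, 2147483647L, &value) != 0) {
            fprintf(stderr, "invalid sequence number: %s\n", argv[6]);
            exit(1);
        }
        seqnumber = (int)value;
    }

    /* inet_addr() signals a parse failure with INADDR_NONE. */
    src = inet_addr(argv[1]);
    dst = inet_addr(argv[2]);
    if (src == INADDR_NONE || dst == INADDR_NONE) {
        fprintf(stderr, "invalid IPv4 address\n");
        exit(1);
    }

    if (parse_arg(argv[3], 0, 65535, &value) != 0) {
        fprintf(stderr, "invalid source port: %s\n", argv[3]);
        exit(1);
    }
    sprt = (unsigned short)value;
    if (parse_arg(argv[4], 0, 65535, &value) != 0) {
        fprintf(stderr, "invalid destination port: %s\n", argv[4]);
        exit(1);
    }
    dprt = (unsigned short)value;

    fprintf(stderr, "==[ OUTGOING PACKET STATUS ]===================================\n");
    fprintf(stderr, "Source = %s [%d] Destination = %s [%d]\n",argv[1],(int)src,argv[2],(int)dst);
    fprintf(stderr, "Source port = %d Destination port = %d\n",sprt,dprt);
    fprintf(stderr, "Flag = 0x%x | Seq = %d\n\n\n",flag,seqnumber);

    sock = SX_packet(src, dst, sprt, dprt, flag);
    if (sock < 0) {
        exit(1);
    }
    pkt = SX_recvpacket(sock, sprt);

    printf("==[ GOT RESPONE PACKET ]=======================================\n");
    printf("Flags: ");
    if (pkt.tcp.fin != 0)
        printf("FIN ");
    if (pkt.tcp.syn != 0)
        printf("SYN ");
    if (pkt.tcp.ack != 0)
        printf("ACK ");
    if (pkt.tcp.psh != 0)
        printf("PUSH ");
    if (pkt.tcp.urg != 0)
        printf("URG ");
    if (pkt.tcp.rst != 0)
        printf("RESET ");
    printf("\n");
    /* Header fields are printed as stored (network byte order), as the original did. */
    printf("dst port = %d (=%d) | src port = %d (=%d)\n",pkt.tcp.dest,pkt.tcp.dest/256,pkt.tcp.source,pkt.tcp.source/256);
    printf("seq = %d | ack_seq = %d | doff = %d | res1 = %d | res2 = %d\n",(int)pkt.tcp.seq,(int)pkt.tcp.ack_seq,pkt.tcp.doff,pkt.tcp.res1,pkt.tcp.res2);
    printf("window = %d | urg_ptr = %d | check = %d\n\n",pkt.tcp.window,pkt.tcp.urg_ptr,pkt.tcp.check);

    /* Bound the payload by the IP total length rather than trusting a NUL to
     * be present. Assumes tot_len is in network byte order and that both
     * headers are 20 bytes, as the packet struct does -- TODO confirm for
     * replies carrying IP or TCP options. */
    total = ntohs(pkt.ip.tot_len);
    headers = sizeof pkt.ip + sizeof pkt.tcp;
    data_len = total > headers ? total - headers : 0;
    if (data_len > sizeof pkt.data) {
        data_len = sizeof pkt.data;
    }
    printf("Data :\n");
    print_payload(pkt.data, data_len);
    printf("\n");

    close(sock);
    return 0;
}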