rnhmjoj/fakeroute
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Create ICMP packets containing valid IP and UDP data

Browse Source 
The encapsulated IP packed was missing source/destination addresses and
the UDP datagram had size 0.
This commit is contained in:
Michele Guerini Rocco 2023-06-17 10:58:05 +02:00
parent e17b206b83
commit 8182ef4335
Signed by: rnhmjoj
GPG Key ID: BFBAF4C975F76450
7 changed files with 27 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/ConnectionManager.cpp
View File

@ -55,10 +55,10 @@ class FakeroutePacket* ConnectionManager::getPacketFor(char* sourceAddress, char
if (isTransitHop((*entry).getTtl()/3)) { if (isTransitHop((*entry).getTtl()/3)) {
spoofedPacket = new TimeToLiveExpiredFakeroutePacket(sourcePort, destinationPort, spoofedPacket = new TimeToLiveExpiredFakeroutePacket(sourcePort, destinationPort,
sourceIp, destinationAddress); sourceIp, destinationAddress, sourceAddress);
} else { } else {
spoofedPacket = new DestHostUnreachableFakeroutePacket(sourcePort, destinationPort, spoofedPacket = new DestHostUnreachableFakeroutePacket(sourcePort, destinationPort,
sourceIp, destinationAddress); sourceIp, destinationAddress, sourceAddress);
} }
(*entry).incrementTtl(routeCount * 3); (*entry).incrementTtl(routeCount * 3);

5
src/DestHostUnreachableFakeroutePacket.cpp
View File

@ -33,9 +33,10 @@
DestHostUnreachableFakeroutePacket::DestHostUnreachableFakeroutePacket(u_int16_t localReceivedSourcePort, DestHostUnreachableFakeroutePacket::DestHostUnreachableFakeroutePacket(u_int16_t localReceivedSourcePort,
u_int16_t localReceivedDestinationPort, u_int16_t localReceivedDestinationPort,
char* localSpoofedSourceAddress, char* localSpoofedSourceAddress,
char* localSpoofedDestinationAddress) : char* localSpoofedDestinationAddress,
char* localReceivedSourceAddress) :
FakeroutePacket(localReceivedSourcePort, localReceivedDestinationPort, FakeroutePacket(localReceivedSourcePort, localReceivedDestinationPort,
localSpoofedSourceAddress, localSpoofedDestinationAddress) localSpoofedSourceAddress, localSpoofedDestinationAddress, localReceivedSourceAddress)
{} {}
u_int16_t DestHostUnreachableFakeroutePacket::getIcmpType(void) { u_int16_t DestHostUnreachableFakeroutePacket::getIcmpType(void) {

2
src/DestHostUnreachableFakeroutePacket.h
View File

@ -41,7 +41,7 @@ class DestHostUnreachableFakeroutePacket : public FakeroutePacket {
public: public:
DestHostUnreachableFakeroutePacket(u_int16_t receivedSourcePort, u_int16_t receivedDestinationPort, DestHostUnreachableFakeroutePacket(u_int16_t receivedSourcePort, u_int16_t receivedDestinationPort,
char* spoofedSourceAddress, char* spoofedDestinationAddress); char* spoofedSourceAddress, char* spoofedDestinationAddress, char* receivedSourceAddress);
}; };
#endif #endif

17
src/FakeroutePacket.cpp
View File

@ -46,17 +46,21 @@
FakeroutePacket::FakeroutePacket(u_int16_t localReceivedSourcePort, FakeroutePacket::FakeroutePacket(u_int16_t localReceivedSourcePort,
u_int16_t localReceivedDestinationPort, u_int16_t localReceivedDestinationPort,
char* localSpoofedSourceAddress, char* localSpoofedSourceAddress,
char* localSpoofedDestinationAddress) : char* localSpoofedDestinationAddress,
char* localReceivedSourceAddress) :
ICMP_HDR_SIZE(sizeof(struct icmp)), ICMP_HDR_SIZE(sizeof(struct icmp)),
IP_HDR_SIZE(sizeof(struct iphdr)), IP_HDR_SIZE(sizeof(struct iphdr)),
UDP_HDR_SIZE(sizeof(struct udphdr)) UDP_HDR_SIZE(sizeof(struct udphdr))
{ {
receivedSourcePort = localReceivedSourcePort; receivedSourcePort = localReceivedSourcePort;
receivedDestinationPort = localReceivedDestinationPort; receivedDestinationPort = localReceivedDestinationPort;
receivedSourceAddress = localReceivedSourceAddress;
spoofedSourceAddress = localSpoofedSourceAddress; spoofedSourceAddress = localSpoofedSourceAddress;
spoofedDestinationAddress = localSpoofedDestinationAddress; spoofedDestinationAddress = localSpoofedDestinationAddress;
} }
FakeroutePacket::~FakeroutePacket() {}
void FakeroutePacket::sendOn(int fd) { void FakeroutePacket::sendOn(int fd) {
int sockfd; int sockfd;
@ -81,10 +85,10 @@ void FakeroutePacket::sendOn(int fd) {
packetTo.sin_family = AF_INET; packetTo.sin_family = AF_INET;
packetTo.sin_addr.s_addr = inet_addr(spoofedDestinationAddress); packetTo.sin_addr.s_addr = inet_addr(spoofedDestinationAddress);
buildIpHeader(spoofedSourceAddress, spoofedDestinationAddress, (char*)packet);
buildIcmpHeader((char*)(packet + IP_HDR_SIZE), IPPROTO_UDP);
buildUdpHeader((char*)(packet + IP_HDR_SIZE + ICMP_HDR_SIZE), buildUdpHeader((char*)(packet + IP_HDR_SIZE + ICMP_HDR_SIZE),
receivedSourcePort, receivedDestinationPort); receivedSourcePort, receivedDestinationPort);
buildIcmpHeader((char*)(packet + IP_HDR_SIZE), IPPROTO_UDP);
buildIpHeader(spoofedSourceAddress, receivedSourceAddress, (char*)packet);
if (sendto(sockfd, packet, sizeof(packet), 0x0, (struct sockaddr*)&packetTo, sizeof(packetTo)) < 0) { if (sendto(sockfd, packet, sizeof(packet), 0x0, (struct sockaddr*)&packetTo, sizeof(packetTo)) < 0) {
fprintf(stderr, "Packet Send Failed."); fprintf(stderr, "Packet Send Failed.");
@ -99,22 +103,25 @@ void FakeroutePacket::buildUdpHeader(char* packet, u_int16_t sourcePort,
udphdr->source = htons(sourcePort); udphdr->source = htons(sourcePort);
udphdr->dest = htons(destinationPort); udphdr->dest = htons(destinationPort);
udphdr->len = htons(UDP_BODY_SIZE);
} }
void FakeroutePacket::buildIcmpHeader(char* packet, int protocol) { void FakeroutePacket::buildIcmpHeader(char* packet, int protocol) {
struct iphdr *fakeIpHdr; struct iphdr *fakeIpHdr;
struct icmp *icmpHeader = (struct icmp*)packet; struct icmp *icmpHeader = (struct icmp*)packet;
char fakePacket[IP_HDR_SIZE]; char fakePacket[IP_HDR_SIZE] = {0};
fakeIpHdr = (struct iphdr*)fakePacket; fakeIpHdr = (struct iphdr*)fakePacket;
fakeIpHdr->ihl = 5; fakeIpHdr->ihl = 5;
fakeIpHdr->version = 4; fakeIpHdr->version = 4;
fakeIpHdr->protocol = protocol; fakeIpHdr->protocol = protocol;
fakeIpHdr->saddr = inet_addr(receivedSourceAddress);
fakeIpHdr->daddr = inet_addr(spoofedDestinationAddress);
icmpHeader->icmp_type = getIcmpType(); icmpHeader->icmp_type = getIcmpType();
icmpHeader->icmp_code = getIcmpCode(); icmpHeader->icmp_code = getIcmpCode();
icmpHeader->icmp_ip = *(struct ip*)fakePacket; icmpHeader->icmp_ip = *(struct ip*)fakePacket;
icmpHeader->icmp_cksum = (int)in_cksum((unsigned short*)icmpHeader, ICMP_HDR_SIZE); icmpHeader->icmp_cksum = (unsigned short)in_cksum((unsigned short*)packet, ICMP_HDR_SIZE + 8);
} }
void FakeroutePacket::buildIpHeader(char* source, char* destination, char* packet) { void FakeroutePacket::buildIpHeader(char* source, char* destination, char* packet) {

4
src/FakeroutePacket.h
View File

@ -38,11 +38,13 @@ class FakeroutePacket {
const int ICMP_HDR_SIZE; const int ICMP_HDR_SIZE;
const int IP_HDR_SIZE; const int IP_HDR_SIZE;
const int UDP_HDR_SIZE; const int UDP_HDR_SIZE;
const int UDP_BODY_SIZE = 40;
u_int16_t receivedSourcePort; u_int16_t receivedSourcePort;
u_int16_t receivedDestinationPort; u_int16_t receivedDestinationPort;
char* spoofedSourceAddress; char* spoofedSourceAddress;
char* spoofedDestinationAddress; char* spoofedDestinationAddress;
char* receivedSourceAddress;
virtual void buildUdpHeader(char* packet, u_int16_t sourcePort, u_int16_t destinationPort); virtual void buildUdpHeader(char* packet, u_int16_t sourcePort, u_int16_t destinationPort);
virtual void buildIcmpHeader(char* packet, int protocol); virtual void buildIcmpHeader(char* packet, int protocol);
@ -54,7 +56,7 @@ class FakeroutePacket {
public: public:
FakeroutePacket(u_int16_t receivedSourcePort, u_int16_t receivedDestinationPort, FakeroutePacket(u_int16_t receivedSourcePort, u_int16_t receivedDestinationPort,
char* spoofedSourceAddress, char* spoofedDestinationAddress); char* spoofedSourceAddress, char* spoofedDestinationAddress, char* receivedSourceAddress);
virtual ~FakeroutePacket(); virtual ~FakeroutePacket();
virtual void sendOn(int fd); virtual void sendOn(int fd);
}; };

5
src/TimeToLiveExpiredFakeroutePacket.cpp
View File

@ -34,9 +34,10 @@
TimeToLiveExpiredFakeroutePacket::TimeToLiveExpiredFakeroutePacket(u_int16_t localReceivedSourcePort, TimeToLiveExpiredFakeroutePacket::TimeToLiveExpiredFakeroutePacket(u_int16_t localReceivedSourcePort,
u_int16_t localReceivedDestinationPort, u_int16_t localReceivedDestinationPort,
char* localSpoofedSourceAddress, char* localSpoofedSourceAddress,
char* localSpoofedDestinationAddress) : char* localSpoofedDestinationAddress,
char* localReceivedSourceAddress) :
FakeroutePacket(localReceivedSourcePort, localReceivedDestinationPort, FakeroutePacket(localReceivedSourcePort, localReceivedDestinationPort,
localSpoofedSourceAddress, localSpoofedDestinationAddress) localSpoofedSourceAddress, localSpoofedDestinationAddress, localReceivedSourceAddress)
{} {}
u_int16_t TimeToLiveExpiredFakeroutePacket::getIcmpType(void) { u_int16_t TimeToLiveExpiredFakeroutePacket::getIcmpType(void) {

4
src/TimeToLiveExpiredFakeroutePacket.h
View File

@ -38,10 +38,12 @@ class TimeToLiveExpiredFakeroutePacket : public FakeroutePacket {
protected: protected:
u_int16_t getIcmpType(void); u_int16_t getIcmpType(void);
u_int16_t getIcmpCode(void); u_int16_t getIcmpCode(void);
char* receivedSourceAddress;
public: public:
TimeToLiveExpiredFakeroutePacket(u_int16_t receivedSourcePort, u_int16_t receivedDestinationPort, TimeToLiveExpiredFakeroutePacket(u_int16_t receivedSourcePort, u_int16_t receivedDestinationPort,
char* spoofedSourceAddress, char* spoofedDestinationAddress); char* spoofedSourceAddress, char* spoofedDestinationAddress, char* receivedSourceAddress);
}; };
#endif #endif