Be warned, constructing a usable data file is nontrivial. Here is a crude C program that will construct the data needed for this DNS example:
#include <stdio.h>

int main(void)
{
    FILE *fp;

    fp = fopen("data.dns", "w");
    if (fp == NULL)
        return 1;
    /* DNS header: ID 1, flags 0x0100 (recursion desired), 1 question, no other RRs */
    fprintf(fp, "%c%c%c%c", 0x00, 0x01, 0x01, 0x00);
    fprintf(fp, "%c%c%c%c", 0x00, 0x01, 0x00, 0x00);
    fprintf(fp, "%c%c%c%c", 0x00, 0x00, 0x00, 0x00);
    /* Question name as length-prefixed labels: 3 "www", 5 "cisco", 3 "com", then 0 */
    fprintf(fp, "%c%s", 0x03, "www");
    fprintf(fp, "%c%s", 0x05, "cisco");
    fprintf(fp, "%c%s%c", 0x03, "com", 0x00);
    /* Query type 1 (A record), class 1 (IN) */
    fprintf(fp, "%c%c%c%c", 0x00, 0x01, 0x00, 0x01);
    fclose(fp);
    return 0;
}
Even if you don't use C, it should be fairly clear how this works. The fopen call creates the file, and the fprintf calls write out the data. The conversion specifiers %c and %s identify the data type when formatting the output: %c writes a single byte, and %s writes a string. The remaining arguments are the actual values for the data. I'm sure there are cleaner ways to create this data, but this will work.
Finally, hping can also be put in dump mode so that the contents of the reply packets are displayed in hex:
bsd2# hping -c 1 -j 172.16.2.230
HPING 172.16.2.230 (ep0 172.16.2.230): NO FLAGS are set, 40 headers + 0 data bytes
46 bytes from 172.16.2.230: flags=RA seq=0 ttl=128 id=60017 win=0 rtt=2.1 ms
0060 9706 2222 0060 088f 5f0e 0800 4500 0028 ea71 0000 8006 f26b ac10 02e6 ac10
02ec 0000 0a88 0000 0000 1f41 a761 5014 0000 80b3 0000 0000 0000 0000

--- 172.16.2.230 hping statistic ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 2.1/2.1/2.1 ms
Numerous other options are described in hping's documentation. You can get a very handy summary of options if you run hping with the -h option. I strongly recommend you print this to use while you are learning the program.
9.1.1.2 nemesis
nemesis, whose author is identified only as Obecian in the documentation, is actually a family of closely related command-line tools designed to generate packets. They are nemesis-arp, nemesis-dns,
nemesis-icmp, nemesis-igmp, nemesis-ospf, nemesis-rip, nemesis-tcp, and nemesis-udp. Each, as you might guess, is designed to construct and send a particular type of packet. The inclusion of support for
protocols like OSPF or IGMP really sets nemesis apart from similar tools.
Here is an example that sends a TCP packet:
bsd2# nemesis-tcp -v -D 205.153.63.30 -S 205.153.60.236
TCP Packet Injection -=- The NEMESIS Project 1.1
(c) 1999, 2000 obecian <obecian@celerity.bartoli.org>
[IP] 205.153.60.236 > 205.153.63.30
[Ports] 42069 > 23
[Flags]
[TCP Urgent Pointer] 2048
[Window Size] 512
[IP ID] 0
[IP TTL] 254
[IP TOS] 0x18
[IP Frag] 0x4000
[IP Options]
Wrote 40 bytes
TCP Packet Injected
The -v option is for verbose mode. Without this option, the program sends the packet but displays nothing on the screen. Use this option to test your commands and then omit it when you embed the commands in scripts. The -S and -D options give the source and destination addresses. You can use the -x and -y options to set the source and destination ports. If you want to specify flags, you can use the -f option. For example, if you add -fS -fA to the command line, the SYN and ACK flags will be set. Many firewalls will block packets with some combinations of SYN and ACK flags but will pass packets with different combinations. Being able to set the SYN and ACK flags can be useful in testing these firewalls.
Here is an example setting the SYN and ACK flags and the destination port:
bsd2# nemesis-tcp -S 172.16.2.236 -D 205.153.63.30 -fS -fA -y 22
Notice the program performs silently without the -v option. A number of additional options are described in the Unix manpages.
The other programs in the nemesis suite work pretty much the same way. Here is an example for sending an ICMP ECHO REQUEST:
bsd2# nemesis-icmp -v -S 172.16.2.236 -D 205.153.63.30 -i 8
ICMP Packet Injection -=- The NEMESIS Project 1.1
(c) 1999, 2000 obecian <obecian@celerity.bartoli.org>
[IP] 172.16.2.236 > 205.153.63.30
[Type] ECHO REQUEST
[Sequence number] 0
[IP ID] 0
[IP TTL] 254
[IP TOS] 0x18
[IP Frag] 0x4000
Wrote 48 bytes
ICMP Packet Injected
The -i option specifies the type field in the ICMP header. In this case, 8 is the type value for an ECHO_REQUEST message. The destination should respond with an ECHO_REPLY.
The -P option can be used to read the data for the packet from a file. For example, here is the syntax to send a DNS query.
bsd2# nemesis-dns -v -S 172.16.2.236 -D 205.153.63.30 -q 1 -P data.dns
DNS Packet Injection -=- The NEMESIS Project 1.1
(c) 1999, 2000 obecian <obecian@celerity.bartoli.org>
[IP] 172.16.2.236 > 205.153.63.30
[Ports] 42069 > 53
[# Questions] 1
[# Answer RRs] 0
[# Authority RRs] 0
[# Additional RRs] 0
[IP ID] 420
[IP TTL] 254
[IP TOS] 0x18
[IP Frag] 0x4000
[IP Options]
00 01 01 00 00 01 00 00 00 00 00 00 03 77 77   .............ww
77 05 63 69 73 63 6F 03 63 6F 6D 00 00 01 00   w.cisco.com....
01                                             .
Wrote 40 bytes
DNS Packet Injected
Although it appears the data has been sent correctly, I have seen examples when the packets were not correctly sent despite appearances. So, be warned: it is always a good idea to check the output of a packet generator with a packet sniffer just to make sure you are getting what you expect.
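The crude data-file program earlier in this section hardcodes the bytes for one name, and the paragraph above recommends checking what a generator actually emits. The following C program is an added example, not code from the book or from the nemesis project: it generalizes the data.dns generator to any hostname (length-prefixed labels, header with one question, type and class of your choosing) and adds a decoder that you can point at the bytes a sniffer captured to confirm they parse back to the name, type and class you intended, rejecting truncated messages and compression pointers. The function names, the 512-byte buffer size and the page_dump reference array (copied from the hex dump printed by nemesis-dns above) are this example's own assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DNS_HDR_LEN 12

/* The 31 bytes nemesis-dns printed above for www.cisco.com, type A (1), class IN (1);
 * used as the reference the generator is checked against (copied from the page). */
const uint8_t page_dump[31] = {
    0x00,0x01, 0x01,0x00, 0x00,0x01, 0x00,0x00, 0x00,0x00, 0x00,0x00,
    0x03,'w','w','w', 0x05,'c','i','s','c','o', 0x03,'c','o','m', 0x00,
    0x00,0x01, 0x00,0x01
};

/* Encode a dotted hostname as DNS labels: "www.cisco.com" -> 03 www 05 cisco 03 com 00.
 * Returns bytes written, or -1 for an empty/oversized label or insufficient room. */
static int encode_qname(const char *name, uint8_t *out, size_t outlen)
{
    size_t pos = 0;
    const char *p = name;
    while (*p) {
        const char *dot = strchr(p, '.');
        size_t lab = dot ? (size_t)(dot - p) : strlen(p);
        if (lab == 0 || lab > 63 || pos + 1 + lab + 1 > outlen)
            return -1;
        out[pos++] = (uint8_t)lab;
        memcpy(out + pos, p, lab);
        pos += lab;
        if (!dot)
            break;
        p = dot + 1;
    }
    if (pos + 1 > outlen)
        return -1;
    out[pos++] = 0;                       /* root label ends the name */
    return (int)pos;
}

/* Build a standard query: ID, RD set, one question of QTYPE/QCLASS for NAME.
 * Returns the message length, or -1 if NAME is invalid or the buffer is too small. */
int build_dns_query(uint16_t id, const char *name, uint16_t qtype,
                    uint16_t qclass, uint8_t *buf, size_t buflen)
{
    if (buflen < DNS_HDR_LEN)
        return -1;
    memset(buf, 0, DNS_HDR_LEN);
    buf[0] = (uint8_t)(id >> 8);  buf[1] = (uint8_t)id;  /* transaction ID */
    buf[2] = 0x01;                                       /* QR=0, opcode 0, RD=1 */
    buf[5] = 0x01;                                       /* QDCOUNT = 1 */
    int n = encode_qname(name, buf + DNS_HDR_LEN, buflen - DNS_HDR_LEN);
    if (n < 0)
        return -1;
    size_t pos = DNS_HDR_LEN + (size_t)n;
    if (pos + 4 > buflen)
        return -1;
    buf[pos++] = (uint8_t)(qtype >> 8);  buf[pos++] = (uint8_t)qtype;
    buf[pos++] = (uint8_t)(qclass >> 8); buf[pos++] = (uint8_t)qclass;
    return (int)pos;
}

/* Decode the question section of a captured message into a dotted name, QTYPE and
 * QCLASS. Rejects truncation, labels over 63 bytes and compression pointers (0xC0),
 * none of which belong in a query we generated ourselves. 0 on success, -1 otherwise. */
int decode_dns_question(const uint8_t *msg, size_t len, char *name, size_t namelen,
                        uint16_t *qtype, uint16_t *qclass)
{
    if (len < DNS_HDR_LEN || namelen == 0 || ((msg[4] << 8) | msg[5]) != 1)
        return -1;
    size_t pos = DNS_HDR_LEN, npos = 0;
    for (;;) {
        if (pos >= len)
            return -1;
        uint8_t lab = msg[pos++];
        if (lab == 0)
            break;
        if ((lab & 0xC0) || pos + lab > len || npos + lab + 2 > namelen)
            return -1;
        if (npos)
            name[npos++] = '.';
        memcpy(name + npos, msg + pos, lab);
        npos += lab;
        pos += lab;
    }
    name[npos] = '\0';
    if (pos + 4 > len)
        return -1;
    *qtype  = (uint16_t)((msg[pos] << 8) | msg[pos + 1]);
    *qclass = (uint16_t)((msg[pos + 2] << 8) | msg[pos + 3]);
    return 0;
}

/* Length of the query for NAME with the page's settings (ID 1, type A, class IN), or -1. */
int query_len(const char *name)
{
    uint8_t buf[512];
    return build_dns_query(1, name, 1, 1, buf, sizeof buf);
}

/* 1 if the generated www.cisco.com query is byte-for-byte what nemesis printed. */
int matches_page_dump(void)
{
    uint8_t buf[512];
    int n = build_dns_query(1, "www.cisco.com", 1, 1, buf, sizeof buf);
    return n == (int)sizeof page_dump && memcmp(buf, page_dump, sizeof page_dump) == 0;
}

/* 1 if the captured MSG decodes to NAME/QTYPE/QCLASS, 0 if it is malformed or differs. */
int question_is(const uint8_t *msg, size_t len, const char *name,
                uint16_t qtype, uint16_t qclass)
{
    char got[256];
    uint16_t t, c;
    if (decode_dns_question(msg, len, got, sizeof got, &t, &c) != 0)
        return 0;
    return strcmp(got, name) == 0 && t == qtype && c == qclass;
}

/* Write the query for NAME to PATH, the role the book's program plays for data.dns. */
int write_dns_data_file(const char *path, const char *name)
{
    uint8_t buf[512];
    int n = build_dns_query(1, name, 1, 1, buf, sizeof buf);
    FILE *fp = n < 0 ? NULL : fopen(path, "wb");
    if (!fp)
        return -1;
    size_t w = fwrite(buf, 1, (size_t)n, fp);
    return (fclose(fp) == 0 && w == (size_t)n) ? n : -1;
}

int main(int argc, char **argv)
{
    const char *name = argc > 1 ? argv[1] : "www.cisco.com";
    int n = write_dns_data_file("data.dns", name);
    if (n < 0) {
        fprintf(stderr, "could not build a query for %s\n", name);
        return 1;
    }
    printf("wrote %d bytes to data.dns; matches the page's dump: %s\n", n,
           matches_page_dump() ? "yes" : "no");
    return 0;
}
```

Run it with a hostname argument to produce data.dns for nemesis-dns -P; to check a capture, feed the UDP payload bytes your sniffer recorded to question_is() and compare against what you meant to send. The decoder deliberately refuses compression pointers and oversized labels because a query file you built by hand should never contain them; if it decodes cleanly but the sniffer shows something else, the problem is in the generator, not the file.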
9.1.1.3 Other tools