packetfu 1.1.9 → 1.1.10
Sign up to get free protection for your applications and to get access to all the features.
- data/bench/octets.rb +9 -9
- data/examples/100kpackets.rb +12 -12
- data/examples/ackscan.rb +16 -16
- data/examples/arp.rb +35 -35
- data/examples/arphood.rb +36 -36
- data/examples/dissect_thinger.rb +6 -6
- data/examples/new-simple-stats.rb +23 -23
- data/examples/packetfu-shell.rb +25 -25
- data/examples/simple-sniffer.rb +9 -9
- data/examples/simple-stats.rb +23 -23
- data/examples/slammer.rb +3 -3
- data/lib/packetfu.rb +127 -127
- data/lib/packetfu/capture.rb +169 -169
- data/lib/packetfu/config.rb +52 -52
- data/lib/packetfu/inject.rb +56 -56
- data/lib/packetfu/packet.rb +528 -528
- data/lib/packetfu/pcap.rb +579 -579
- data/lib/packetfu/protos/arp.rb +90 -90
- data/lib/packetfu/protos/arp/header.rb +158 -158
- data/lib/packetfu/protos/arp/mixin.rb +36 -36
- data/lib/packetfu/protos/eth.rb +44 -44
- data/lib/packetfu/protos/eth/header.rb +243 -243
- data/lib/packetfu/protos/eth/mixin.rb +3 -3
- data/lib/packetfu/protos/hsrp.rb +69 -69
- data/lib/packetfu/protos/hsrp/header.rb +107 -107
- data/lib/packetfu/protos/hsrp/mixin.rb +29 -29
- data/lib/packetfu/protos/icmp.rb +71 -71
- data/lib/packetfu/protos/icmp/header.rb +82 -82
- data/lib/packetfu/protos/icmp/mixin.rb +14 -14
- data/lib/packetfu/protos/invalid.rb +49 -49
- data/lib/packetfu/protos/ip.rb +69 -69
- data/lib/packetfu/protos/ip/header.rb +291 -291
- data/lib/packetfu/protos/ip/mixin.rb +40 -40
- data/lib/packetfu/protos/ipv6.rb +50 -50
- data/lib/packetfu/protos/ipv6/header.rb +188 -188
- data/lib/packetfu/protos/ipv6/mixin.rb +29 -29
- data/lib/packetfu/protos/tcp.rb +176 -176
- data/lib/packetfu/protos/tcp/ecn.rb +35 -35
- data/lib/packetfu/protos/tcp/flags.rb +74 -74
- data/lib/packetfu/protos/tcp/header.rb +268 -268
- data/lib/packetfu/protos/tcp/hlen.rb +32 -32
- data/lib/packetfu/protos/tcp/mixin.rb +46 -46
- data/lib/packetfu/protos/tcp/option.rb +321 -321
- data/lib/packetfu/protos/tcp/options.rb +95 -95
- data/lib/packetfu/protos/tcp/reserved.rb +35 -35
- data/lib/packetfu/protos/udp.rb +116 -116
- data/lib/packetfu/protos/udp/header.rb +91 -91
- data/lib/packetfu/protos/udp/mixin.rb +3 -3
- data/lib/packetfu/structfu.rb +280 -280
- data/lib/packetfu/utils.rb +226 -217
- data/lib/packetfu/version.rb +41 -41
- data/packetfu.gemspec +2 -1
- data/spec/ethpacket_spec.rb +48 -48
- data/spec/packet_spec.rb +57 -57
- data/spec/packet_subclasses_spec.rb +8 -8
- data/spec/packetfu_spec.rb +59 -59
- data/spec/structfu_spec.rb +268 -268
- data/spec/tcp_spec.rb +75 -75
- data/test/all_tests.rb +13 -13
- data/test/func_lldp.rb +3 -3
- data/test/ptest.rb +2 -2
- data/test/test_arp.rb +116 -116
- data/test/test_capture.rb +45 -45
- data/test/test_eth.rb +68 -68
- data/test/test_hsrp.rb +9 -9
- data/test/test_icmp.rb +52 -52
- data/test/test_inject.rb +18 -18
- data/test/test_invalid.rb +16 -16
- data/test/test_ip.rb +36 -36
- data/test/test_ip6.rb +48 -48
- data/test/test_octets.rb +21 -21
- data/test/test_packet.rb +154 -154
- data/test/test_pcap.rb +170 -170
- data/test/test_structfu.rb +97 -97
- data/test/test_tcp.rb +320 -320
- data/test/test_udp.rb +76 -76
- metadata +4 -3
data/test/test_udp.rb
CHANGED
@@ -4,93 +4,93 @@ $:.unshift File.join(File.expand_path(File.dirname(__FILE__)), "..", "lib")
|
|
4
4
|
require 'packetfu'
|
5
5
|
|
6
6
|
class String
|
7
|
-
|
8
|
-
|
9
|
-
|
7
|
+
def bin
|
8
|
+
self.scan(/../).map {|x| x.to_i(16).chr}.join
|
9
|
+
end
|
10
10
|
end
|
11
11
|
|
12
12
|
class UDPTest < Test::Unit::TestCase
|
13
|
-
|
13
|
+
include PacketFu
|
14
14
|
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
15
|
+
def test_udp_header_new
|
16
|
+
u = UDPHeader.new
|
17
|
+
assert_kind_of UDPHeader, u
|
18
|
+
assert_equal(8, u.to_s.size)
|
19
|
+
assert_equal("\x00\x00\x00\x00\x00\x08\x00\x00", u.to_s)
|
20
|
+
end
|
21
21
|
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
22
|
+
def test_udp_peek
|
23
|
+
u = UDPPacket.new
|
24
|
+
u.ip_saddr = "10.20.30.40"
|
25
|
+
u.ip_daddr = "50.60.70.80"
|
26
|
+
u.udp_src = 53
|
27
|
+
u.udp_dport = 1305
|
28
|
+
u.payload = "abcdefghijklmnopqrstuvwxyz"
|
29
|
+
u.recalc
|
30
|
+
puts "\n"
|
31
|
+
puts "UDP Peek format: "
|
32
|
+
puts u.peek
|
33
|
+
assert (u.peek.size <= 80)
|
34
|
+
end
|
35
35
|
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
36
|
+
def test_udp_pcap
|
37
|
+
u = UDPPacket.new
|
38
|
+
assert_kind_of UDPPacket, u
|
39
|
+
u.recalc
|
40
|
+
u.to_f('udp_test.pcap','a')
|
41
|
+
u.ip_saddr = "10.20.30.40"
|
42
|
+
u.ip_daddr = "50.60.70.80"
|
43
|
+
u.payload = "+some fakey-fake udp packet"
|
44
|
+
u.udp_src = 1205
|
45
|
+
u.udp_dst = 13013
|
46
|
+
u.recalc
|
47
|
+
u.to_f('udp_test.pcap','a')
|
48
|
+
end
|
49
49
|
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
50
|
+
def test_udp_read
|
51
|
+
sample_packet = PcapFile.new.file_to_array(:f => 'sample.pcap')[0]
|
52
|
+
pkt = Packet.parse(sample_packet)
|
53
|
+
assert_kind_of UDPPacket, pkt
|
54
|
+
assert_equal(0x8bf8, pkt.udp_sum.to_i)
|
55
|
+
pkt.to_f('udp_test.pcap','a')
|
56
|
+
end
|
57
57
|
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
58
|
+
def test_udp_checksum
|
59
|
+
sample_packet = PcapFile.new.file_to_array(:f => 'sample.pcap')[0]
|
60
|
+
pkt = Packet.parse(sample_packet)
|
61
|
+
assert_kind_of UDPPacket, pkt
|
62
|
+
pkt.recalc
|
63
|
+
assert_equal(0x8bf8, pkt.udp_sum.to_i)
|
64
|
+
pkt.to_f('udp_test.pcap','a')
|
65
|
+
end
|
66
66
|
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
67
|
+
def test_udp_read_strip
|
68
|
+
str = "01005e7ffffa100ba9eb63400800450000a12d7c0000011159b446a5fb7ceffffffacdf3076c008d516e4d2d534541524348202a20485454502f312e310d0a486f73743a3233392e3235352e3235352e3235303a313930300d0a53543a75726e3a736368656d61732d75706e702d6f72673a6465766963653a496e7465726e6574476174657761794465766963653a310d0a4d616e3a22737364703a646973636f766572220d0a4d583a330d0a0d0a".bin
|
69
|
+
str << "0102".bin # Tacking on a couple extra bites tht we'll strip off.
|
70
|
+
not_stripped = UDPPacket.new
|
71
|
+
not_stripped.read(str)
|
72
|
+
assert_equal 135, not_stripped.udp_header.body.length
|
73
|
+
stripped = UDPPacket.new
|
74
|
+
stripped.read(str, :strip => true)
|
75
|
+
assert_equal 133, stripped.udp_header.body.length
|
76
|
+
end
|
77
77
|
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
78
|
+
def test_udp_alter
|
79
|
+
sample_packet = PcapFile.new.file_to_array(:f => 'sample.pcap')[0]
|
80
|
+
pkt = Packet.parse(sample_packet)
|
81
|
+
assert_kind_of UDPPacket, pkt
|
82
|
+
pkt.payload = pkt.payload.gsub(/metasploit/,"MeatPistol")
|
83
|
+
pkt.recalc
|
84
|
+
assert_equal(0x8341, pkt.udp_sum)
|
85
|
+
pkt.to_f('udp_test.pcap','a')
|
86
|
+
end
|
87
87
|
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
88
|
+
def test_udp_reread
|
89
|
+
sample_packet = PacketFu::UDPPacket.new
|
90
|
+
pkt = Packet.parse(sample_packet.to_s)
|
91
|
+
assert sample_packet.is_udp?
|
92
|
+
assert pkt.is_udp?
|
93
|
+
end
|
94
94
|
|
95
95
|
|
96
96
|
end
|
metadata
CHANGED
@@ -1,7 +1,8 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: packetfu
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: !binary |-
|
5
|
+
MS4xLjEw
|
5
6
|
prerelease:
|
6
7
|
platform: ruby
|
7
8
|
authors:
|
@@ -9,7 +10,7 @@ authors:
|
|
9
10
|
autorequire:
|
10
11
|
bindir: bin
|
11
12
|
cert_chain: []
|
12
|
-
date:
|
13
|
+
date: 2014-01-12 00:00:00.000000000 Z
|
13
14
|
dependencies:
|
14
15
|
- !ruby/object:Gem::Dependency
|
15
16
|
name: pcaprub
|
@@ -201,7 +202,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
201
202
|
version: '0'
|
202
203
|
requirements: []
|
203
204
|
rubyforge_project: packetfu
|
204
|
-
rubygems_version: 1.8.
|
205
|
+
rubygems_version: 1.8.24
|
205
206
|
signing_key:
|
206
207
|
specification_version: 3
|
207
208
|
summary: PacketFu is a mid-level packet manipulation library.
|