From a9f393f08f0546a8e6d86c4a3fa30f9083dff695 Mon Sep 17 00:00:00 2001
From: Markus Goldstein
Date: Thu, 21 May 2015 20:43:59 +0900
Subject: [PATCH] Fixed null packet issue in TCP mode for pcap_next. Disable rp_filter now for all interfaces, if enabled. Resolved problems with modern security settings and spoofing.
---
 src/bonesi.c | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 64 insertions(+)
diff --git a/src/bonesi.c b/src/bonesi.c
index 5e2dc04..c31027b 100644
--- a/src/bonesi.c
+++ b/src/bonesi.c
@@ -118,6 +118,8 @@ u_int32_t** srcIpsSpoof;
 char** useragents;
 int nuseragents = 0;
 Url_array urls;
+int rp_filter = NULL;
+void INThandler(int);
 TcpOption tcpOptions[NUM_TCP_OPTIONS];
@@ -130,6 +132,33 @@ int main(int argc, char *argv[]) {
 srand(time(NULL)*getpid());
 parseArgs(argc, argv);
+ char buf[1024];
+ FILE *f = NULL;
+ extern int errno;
+ signal(SIGINT, INThandler);
+
+ // we need to disable revesered path, otherwise we cannot spoof
+ f = fopen("/proc/sys/net/ipv4/conf/all/rp_filter", "r");
+ if(!f) {
+ fprintf(stderr, "Can't open proc file system: %s. Make sure to disable rp_filter manually.\n", strerror( errno ));
+ }
+ else {
+ fgets(buf, 1023, f);
+ rp_filter = atoi(buf);
+ fclose(f);
+ }
+
+ if (rp_filter == 1) {
+ f = fopen("/proc/sys/net/ipv4/conf/all/rp_filter", "w");
+ if(!f) {
+ fprintf(stderr, "Can't open proc file system: %s. Make sure to disable rp_filter manually.\n", strerror( errno ));
+ }
+ else {
+ fprintf(f,"0");
+ fclose(f);
+ }
+ }
+
 char errbuf[LIBNET_ERRBUF_SIZE];
 libnet_t *libnetHandle = libnet_init(LIBNET_RAW4, device, errbuf);
 if (libnetHandle == NULL) {
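Review bot: `int rp_filter = NULL;` initialises an integer with a pointer constant, which is a type mismatch that most compilers only warn about; it should be `0`. Because the SIGINT handler added in the last hunk reads this global, `volatile sig_atomic_t rp_filter = 0;` is the safer declaration. A one-line comment such as `/* rp_filter value read from /proc at start-up; 1 means we changed it and must restore it */` would document why the variable exists.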
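Review bot: The result of `fgets(buf, 1023, f)` is not checked, so a failed read hands an uninitialised buffer to `atoi`; use `if (fgets(buf, sizeof buf, f)) rp_filter = atoi(buf);`. `extern int errno;` (here and in INThandler) should be replaced by `#include <errno.h>`, since errno is normally a thread-local macro and this program uses pthreads. The block also switches off a host-wide reverse-path-filtering control as a side effect of starting the program. The `if (libnetHandle == NULL)` branch that follows has its body outside the hunk and presumably exits; any such early exit between here and the restore at the end of main() would leave the host with that protection disabled. The change should be announced to the operator and undone on every exit path.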
@@ -358,6 +387,17 @@ int main(int argc, char *argv[]) {
 if(proto == IPPROTO_TCP) {
 pthread_join(pcapThread, NULL);
 }
+ // set rp_filter back to original value ...
+ if (rp_filter == 1) {
+ f = fopen("/proc/sys/net/ipv4/conf/all/rp_filter", "w");
+ if(!f) {
+ fprintf(stderr, "Can't open proc file system: %s. Make sure to disable rp_filter manually.\n", strerror( errno ));
+ }
+ else {
+ fprintf(f,"1");
+ fclose(f);
+ }
+ }
 return EXIT_SUCCESS;
 }
@@ -629,6 +669,7 @@ void printArgs() {
 printf("urls: %s\n", urlfilename);
 printf("useragents:: %s\n", useragentfilename);
 printf("stats file: %s\n", statsFilename);
+ printf("device: %s\n", device);
 (maxPackets > 0) ? printf("maxPackets: %d\n", maxPackets) : printf("maxPackets: infinite\n");
 printf("format: ");
@@ -736,6 +777,10 @@ void acknowledge(libnet_t *libnetHandle, pcap_t* pcapHandle) {
 //printf("achnowledge\n");
 //static size_t x = 0;
 sniffedPacket = pcap_next(pcapHandle, &header);
+ if (!sniffedPacket) {
+ //fprintf(stderr, "Error sniffing packet: %s\n", pcap_geterr(pcapHandle));
+ return;
+ }
 ip = (struct iphdr*) (sniffedPacket + sizeof(struct ether_header));
 u_int32_t sIp = ip->daddr; //IP we want to send to
 tcp = (struct tcphdr*) (sniffedPacket + sizeof(struct ether_header) + sizeof(struct iphdr));
@@ -1053,3 +1098,22 @@ void sendAck(libnet_t *libnetHandle, const struct iphdr* ip, const struct tcphdr
 }
 }
 }
+
+void INThandler(int sig) {
+ char buf[1024];
+ FILE *f = NULL;
+ extern int errno;
+
+ signal(sig, SIG_IGN);
+ if (rp_filter == 1) {
+ f = fopen("/proc/sys/net/ipv4/conf/all/rp_filter", "w");
+ if(!f) {
+ fprintf(stderr, "Can't open proc file system: %s. Make sure to disable rp_filter manually.\n", strerror( errno ));
+ }
+ else {
+ fprintf(f,"1");
+ fclose(f);
+ }
+ }
+ exit(EXIT_SUCCESS);
+}
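Review bot: The error message in this restore block was copied from the disable path and still tells the operator to "disable rp_filter manually", although what failed here is re-enabling it; it should read `"Can't restore rp_filter: %s. Re-enable it manually.\n"`. The same message appears in INThandler in the last hunk. The write itself is unchecked: with a buffered stream a rejected procfs write typically only shows up at flush time, so test `fprintf(f,"1") < 0 || fclose(f) != 0` and report it. The open/write/close sequence now exists three times in this patch and would be better as one static helper.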
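Review bot: `device` is passed to `%s` without a NULL check in the added `printf`. Its default is not visible here, but the same variable is handed straight to `libnet_init`, so it may still be NULL when no interface was given on the command line, and printing NULL with `%s` is undefined behaviour. `printf("device: %s\n", device ? device : "(default)");` avoids that. printArgs() continues outside the hunk.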
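Review bot: The new guard rejects only a NULL return from `pcap_next`; a truncated capture still reaches the casts on the following lines, which read an IP and a TCP header at fixed offsets from `sniffedPacket`. Assuming `header` is the `struct pcap_pkthdr` filled in by `pcap_next`, the guard should also compare its captured length, e.g. `if (!sniffedPacket || header.caplen < sizeof(struct ether_header) + sizeof(struct iphdr) + sizeof(struct tcphdr)) return;`. The TCP offset also assumes a 20-byte IP header instead of using `ip->ihl`. The commented-out `fprintf` should be removed or enabled behind a debug flag. The body of acknowledge() continues outside the hunk.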
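Review bot: INThandler calls `fopen`, `fprintf`, `strerror` and `exit`, none of which is async-signal-safe, so a SIGINT that arrives while another thread holds a stdio or allocator lock can deadlock and leave rp_filter disabled on the host. `char buf[1024]` is unused and should be dropped. The rewrite below restores the value using only open/write/close; it assumes `<fcntl.h>` and `<unistd.h>` are included, and because it ends in `_exit` any buffered output (for example the stats file) would have to be flushed elsewhere — setting a flag and letting main() do the restore is the alternative. Only SIGINT is covered, so termination by SIGTERM still skips the restore.

```c
void INThandler(int sig) {
    static const char path[] = "/proc/sys/net/ipv4/conf/all/rp_filter";
    static const char msg[] = "Can't restore rp_filter. Re-enable it manually.\n";

    signal(sig, SIG_IGN);
    if (rp_filter == 1) {
        /* open/write/close are async-signal-safe; stdio and exit() are not */
        int fd = open(path, O_WRONLY);
        int failed = (fd < 0) || (write(fd, "1", 1) != 1);
        if (fd >= 0 && close(fd) != 0) {
            failed = 1;
        }
        if (failed && write(STDERR_FILENO, msg, sizeof msg - 1) < 0) {
            /* nothing further can be reported from a signal handler */
        }
    }
    _exit(EXIT_SUCCESS);
}
```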