/* ===================================== spooftest.c Author: Martin Olsson, molsson@csee.usf.edu This program will multicast a hardcoded SSDP NOTIFY, spoofed for a predefined, hardcoded address. The program uses the library netwib, which must be installed before the program can be compiled or run. Newib can be found here: http://www.laurentconstantin.com/en/netw/netwib/ Netwib uses Winpcap which can be found here: http://winpcap.polito.it/ Parts of this code has been borrowed from the testprograms for netwib. Please download the whole developer package from the netwib homepage to get acces to documentation and testfiles. This code should be compiled using Visual C++ or Dev C++. Please refer to netwib documentation for settings of the compiler. This program was downloaded from http://www.csee.usf.edu/~jklamra/upnp/ and is part of a master thesis about power management in Universal Plug and Play. ===================================== */ #include #include int main(void) { netwib_ip tmpip; netwib_eth tmpeth; netwib_iphdr iphdr; netwib_linkhdr linkhdr; netwib_udphdr udphdr; netwib_buf device, tempbuf, httpbuf, sendbuf, udpbuf; netwib_err ret; netwib_init(); netwib_er(netwib_buf_init_mallocdefault(&device)); init_device(&device, NETWIB_DEVICE_HWTYPE_ETHER); // initiate sending device //////////////////////////////////////////////////////////////////////////// //// IP HEADER TEST //// //////////////////////////////////////////////////////////////////////////// netwib_er(netwib_fmt_display("Init link header\n")); //initiate link hdr (ethernet) netwib_linkhdr_initdefault(NETWIB_DEVICE_DLTTYPE_EN10MB, &linkhdr); //initate eth header netwib_eth_init_fields(0x01,0x00,0x5e,0x7f,0xff,0xfa,&tmpeth); linkhdr.hdr.ether.dst = tmpeth; //set dst mac address netwib_eth_init_fields(0x01,0x02,0x03,0x04,0x05,0x06,&tmpeth); linkhdr.hdr.ether.src = tmpeth; // set src mac address linkhdr.hdr.ether.type = NETWIB_ETHERHDRTYPE_IP4; //set linktype to ip4 // initiate ip header netwib_er(netwib_fmt_display("Init ip header\n")); netwib_er(netwib_iphdr_initdefault(NETWIB_IPTYPE_IP4, &iphdr)); // sets id?? iphdr.header.ip4.id = 123; // sets src ip netwib_er(netwib_ip_init_ip4_fields(5,6,7,8,&tmpip)); iphdr.src = tmpip; //sets dst ip netwib_er(netwib_ip_init_ip4_fields(239,255,255,250,&tmpip)); iphdr.dst = tmpip; //set total length iphdr.header.ip4.totlen = 327; // set protocol to UDP iphdr.protocol = NETWIB_IPPROTO_UDP; // initiate udp header netwib_er(netwib_udphdr_initdefault(&udphdr)); // set src port udphdr.src = 4745; // set dst port udphdr.dst = 1900; // set length udphdr.len = 307; // hardcoded http (SSDP ALive) netwib_er(netwib_buf_init_mallocdefault(&tempbuf)); netwib_er(netwib_buf_init_mallocdefault(&httpbuf)); netwib_er(netwib_buf_init_ext_text("4e4f54494659202a20485454502f312e310d0a4c4f434154494f4e3a20687474703a2f2f3133312e3234372e322e31363a35373830382f0d0a484f53543a203233392e3235352e3235352e3235303a313930300d0a5345525645523a2057696e646f7773204e542f352e302c2055506e502f312e302c20496e74656c20434c522053444b2f312e300d0a4e54533a20737364703a616c6976650d0a55534e3a20757569643a64363036396432302d393265362d343036362d616430642d3562363237613934326435390d0a43414348452d434f4e54524f4c3a206d61782d6167653d3930300d0a4e543a20757569643a64363036396432302d393265362d343036362d616430642d3562363237613934326435390d0a436f6e74656e742d4c656e6774683a20300d0a0d0a", &tempbuf)); netwib_er(netwib_buf_decode(&tempbuf, NETWIB_DECODETYPE_HEXA, &httpbuf)); netwib_er(netwib_buf_close(&tempbuf)); ip_checksum(&iphdr); //calculate checksum for iphdr /* // calculate checksum for udp, not a must netwib_er(netwib_buf_init_mallocdefault(&udpbuf)); netwib_buf_append_ip(&(iphdr.src), NETWIB_IP_ENCODETYPE_IP, &udpbuf); netwib_buf_append_ip(&(iphdr.dst), NETWIB_IP_ENCODETYPE_IP, &udpbuf); netwib_buf_append_byte(0000, &udpbuf); netwib_buf_append_byte(0000, &udpbuf); netwib_buf_append_byte(0000, &udpbuf); netwib_buf_append_byte(0000, &udpbuf); netwib_buf_append_byte(0000, &udpbuf); netwib_buf_append_byte(0000, &udpbuf); netwib_buf_append_byte(1000, &udpbuf); netwib_buf_append_byte(0000, &udpbuf); netwib_pkt_append_udphdr(&udphdr, &udpbuf); netwib_buf_append_buf(&httpbuf, &udpbuf); netwib_checksum_buf(&udpbuf, &udphdr.check); netwib_er(netwib_buf_close(&udpbuf)); */ // build the packet to send netwib_er(netwib_buf_init_mallocdefault(&sendbuf)); // initiate the sendbuffer netwib_pkt_append_linkhdr(&linkhdr, &sendbuf); netwib_pkt_append_iphdr(&iphdr, &sendbuf); netwib_pkt_append_udphdr(&udphdr, &sendbuf); netwib_buf_append_buf(&httpbuf, &sendbuf); netwib_er(netwib_buf_close(&httpbuf)); //////////////////////////////////////////////////////////////////////////// //// IP HEADER TEST END //// //////////////////////////////////////////////////////////////////////////// netwib_er(netwib_fmt_display("Spoofing test\n")); ret = spoof_send(&sendbuf, &device); if (ret == NETWIB_ERR_OK) { netwib_er(netwib_fmt_display("Spoofing complete\n")); } else { netwib_er(netwib_fmt_display("Failed spoofing\n")); } netwib_er(netwib_buf_close(&sendbuf)); netwib_er(netwib_buf_close(&device)); netwib_close(); return(0); } //////////////////////////////////////////////////////////////////////////// //// Init device //// //////////////////////////////////////////////////////////////////////////// netwib_err init_device(netwib_buf *pbuf, netwib_device_hwtype hwt) { netwib_err ret; netwib_conf_devices_index *pconfindex; netwib_conf_devices conf; netwib_er(netwib_conf_devices_index_init(&conf, &pconfindex)); ret = NETWIB_ERR_OK; while (NETWIB_TRUE) { ret = netwib_conf_devices_index_next(pconfindex); if (ret != NETWIB_ERR_OK) { if (ret == NETWIB_ERR_DATAEND) ret = NETWIB_ERR_NOTFOUND; break; } if (conf.hwtype == hwt) { netwib_er(netwib_buf_append_buf(&conf.device, pbuf)); break; } } netwib_er(netwib_conf_devices_index_close(&pconfindex)); if (ret == NETWIB_ERR_NOTFOUND) { netwib_er(netwib_fmt_display("No device of wanted type found\n")); } netwib_er(netwib_fmt_display("Device initiated\n")); return(ret); } //////////////////////////////////////////////////////////////////////////////// //// Calculate ip checksum //// //////////////////////////////////////////////////////////////////////////////// netwib_err ip_checksum(netwib_iphdr *iphdr) { netwib_buf buf; netwib_err ret; ret = NETWIB_ERR_OK; netwib_er(netwib_buf_init_mallocdefault(&buf)); netwib_pkt_append_iphdr(iphdr, &buf); netwib_checksum_buf(&buf, iphdr->header.ip4.check); netwib_er(netwib_buf_close(&buf)); return(ret); } //////////////////////////////////////////////////////////////////////////////// //// Sending from buf on device //// //////////////////////////////////////////////////////////////////////////////// netwib_err spoof_send(netwib_buf *buf, netwib_buf *device) { netwib_err ret; netwib_io *pio; ret = netwib_io_init_spoof_link(device, &pio); //initiate link spoof if (ret == NETWIB_ERR_OK) { ret = netwib_io_write(pio, buf); if (ret != NETWIB_ERR_OK) { netwib_er(netwib_fmt_display("sending failed\n")); netwib_err_display(ret, NETWIB_ERR_ENCODETYPE_FULL); } netwib_er(netwib_io_close(&pio)); } else if (ret == NETWIB_ERR_LONOTSUPPORTED) { netwib_er(netwib_fmt_display("IP4 spoof is not supported\n")); } else { netwib_er(netwib_fmt_display("Failed initiating link spoof\n")); return(ret); } return(ret); }