icmp echo
Sponsored Links
Sponsored Links
Secleted [ 0 ] software to compare
Results 1 - 15 of about 280
ICMP-Chat 0.6
ICMP-Chat is a simple console-based chat that uses ICMP packets for communication. more>>
ICMP-Chat is a simple console-based chat that uses ICMP packets for communication. All the data is encrypted with Rijndael-256 algorithm.
Installation:
Type: make && make install
For solaris type: make solaris && make install
Usage:
Usage: icmpchat [OPTIONS] < host > < nick >
< host > = Host to chat with
< nick > = Your nickname
OPTIONS:
-t < type > = specify icmp type (default ECHO_REPLY)
Example: icmpchat 192.168.1.2 foo
ICMP codes:
[0] Echo Reply
[5] Redirect
[8] Echo Request
[9] Router advertisement
[10] Router solicitation
[13] Timestamp request
[14] Timestamp reply
[15] Information request
[16] Information reply
[17] Adressmask request
[18] Adressmask reply
Enhancements:
- Rewrote from scratch
- Implemented optimized rijndael algorithm
- Implemented sha256 for password hashing
- Implemented ncurses frontend (again)
- Fixed getuid problem so that setting suid flag works now (thanks John)
<<lessInstallation:
Type: make && make install
For solaris type: make solaris && make install
Usage:
Usage: icmpchat [OPTIONS] < host > < nick >
< host > = Host to chat with
< nick > = Your nickname
OPTIONS:
-t < type > = specify icmp type (default ECHO_REPLY)
Example: icmpchat 192.168.1.2 foo
ICMP codes:
[0] Echo Reply
[5] Redirect
[8] Echo Request
[9] Router advertisement
[10] Router solicitation
[13] Timestamp request
[14] Timestamp reply
[15] Information request
[16] Information reply
[17] Adressmask request
[18] Adressmask reply
Enhancements:
- Rewrote from scratch
- Implemented optimized rijndael algorithm
- Implemented sha256 for password hashing
- Implemented ncurses frontend (again)
- Fixed getuid problem so that setting suid flag works now (thanks John)
Download (0.037MB)
Added: 2006-06-16 License: GPL (GNU General Public License) Price:
1229 downloads
ICMPScan 1.1
ICMPScan scans the specified address, or addresses, for ICMP responses. more>>
ICMPScan scans the specified address, or addresses, for ICMP responses.
Usage:
icmpscan [ -EPTSNMAIRcvbn ] [ -A address ] [ -f filename ] [ -i interface ] [ -r retries ] [ -t timeout ] target [...]
Options:
-i, --interface
Listen on the specified interface. If unspecified, icmpscan will examine the routing table and select the most appropriate interface for each target address.
-c, --promisc
Put in interface into promiscuous mode. As this option increases the load on the system in general, it should only be used if spoofing of source packets address is enabled with the "-A" option.
-A, --address
Specify the source IP address of generated packets.
-t, --timeout
Specify the timeout, in milli-seconds, before retrying.
-r, --retries
Specify the number of attempts to elicit a particular ICMP response.
-f, --file
Read target list from the specified file.
-E, -P, --echo, --ping
Check of ICMP Echo responses.
-T, -S, --timestamp
Check for ICMP Timestamp responses.
-N, -M, --netmask
Check for ICMP Netmask responses.
-I, --info
Check for ICMP Info responses.
-R, --router
Check for ICMP Router Solicitation responses.
-v, --verbose
Increase the output verbosity.
-B, --debug
Target Specification
The simplest case is listing single hostnames or IP addresses on the command line. If you want to scan a subnet of IP addresses, you can append /mask to the hostname or IP address. mask must be between 0 (scan the whole Internet) and 32 (scan the single host specified). Use /24 to scan a class "C" address and /16 for a class "B". There is also a more powerful notation which lets you specify an IP address using lists/ranges for each element. Thus you can scan the whole class "B" network 192.168.*.* by specifying "192.168.*.*" or "192.168.0-255.0-255" or even "192.168.1-50,51-255.1,2,3,4,5-255". And of course you can use the mask notation: "192.168.0.0/16". These are all equivalent. If you use asterisks ("*"), remember that most shells require you to escape them with back slashes or protect them with quotes.
Examples:
The following example checks the first 16 addresses in the 192.168.1.0/24 netblock for all ICMP responses. The scan speed is increased by lowering the timeout value and setting the number of retries to 1:
> icmpscan -t 500 -r 1 192.168.1.0-16
192.168.1.0: Echo (From 192.168.1.17!)
192.168.1.0: Address Mask [255.255.255.0] (From 192.168.1.17!)
192.168.1.7: Echo
192.168.1.7: Timestamp [0x03ab2db0, 0x02d4c507, 0x02d4c507]
192.168.1.7: Address Mask [255.255.255.0]
192.168.1.8: Echo
192.168.1.8: Address Mask [255.255.255.0]
To display failed probes, increase the output verbosity:
> icmpscan -v 192.168.1.1
192.168.1.1: -- No response to Echo request --
192.168.1.1: -- No response to Timestamp request --
192.168.1.1: -- No response to Netmask request --
192.168.1.1: -- No response to Info request --
192.168.1.1: -- No response to Router Solicitation request --
Individual ICMP types can be checked for by listing their corresponding flags on the command line:
> icmpscan -v --echo --netmask 192.168.1.7
192.168.1.7: Echo
192.168.1.7: Address Mask [255.255.255.0]
<<lessUsage:
icmpscan [ -EPTSNMAIRcvbn ] [ -A address ] [ -f filename ] [ -i interface ] [ -r retries ] [ -t timeout ] target [...]
Options:
-i, --interface
Listen on the specified interface. If unspecified, icmpscan will examine the routing table and select the most appropriate interface for each target address.
-c, --promisc
Put in interface into promiscuous mode. As this option increases the load on the system in general, it should only be used if spoofing of source packets address is enabled with the "-A" option.
-A, --address
Specify the source IP address of generated packets.
-t, --timeout
Specify the timeout, in milli-seconds, before retrying.
-r, --retries
Specify the number of attempts to elicit a particular ICMP response.
-f, --file
Read target list from the specified file.
-E, -P, --echo, --ping
Check of ICMP Echo responses.
-T, -S, --timestamp
Check for ICMP Timestamp responses.
-N, -M, --netmask
Check for ICMP Netmask responses.
-I, --info
Check for ICMP Info responses.
-R, --router
Check for ICMP Router Solicitation responses.
-v, --verbose
Increase the output verbosity.
-B, --debug
Target Specification
The simplest case is listing single hostnames or IP addresses on the command line. If you want to scan a subnet of IP addresses, you can append /mask to the hostname or IP address. mask must be between 0 (scan the whole Internet) and 32 (scan the single host specified). Use /24 to scan a class "C" address and /16 for a class "B". There is also a more powerful notation which lets you specify an IP address using lists/ranges for each element. Thus you can scan the whole class "B" network 192.168.*.* by specifying "192.168.*.*" or "192.168.0-255.0-255" or even "192.168.1-50,51-255.1,2,3,4,5-255". And of course you can use the mask notation: "192.168.0.0/16". These are all equivalent. If you use asterisks ("*"), remember that most shells require you to escape them with back slashes or protect them with quotes.
Examples:
The following example checks the first 16 addresses in the 192.168.1.0/24 netblock for all ICMP responses. The scan speed is increased by lowering the timeout value and setting the number of retries to 1:
> icmpscan -t 500 -r 1 192.168.1.0-16
192.168.1.0: Echo (From 192.168.1.17!)
192.168.1.0: Address Mask [255.255.255.0] (From 192.168.1.17!)
192.168.1.7: Echo
192.168.1.7: Timestamp [0x03ab2db0, 0x02d4c507, 0x02d4c507]
192.168.1.7: Address Mask [255.255.255.0]
192.168.1.8: Echo
192.168.1.8: Address Mask [255.255.255.0]
To display failed probes, increase the output verbosity:
> icmpscan -v 192.168.1.1
192.168.1.1: -- No response to Echo request --
192.168.1.1: -- No response to Timestamp request --
192.168.1.1: -- No response to Netmask request --
192.168.1.1: -- No response to Info request --
192.168.1.1: -- No response to Router Solicitation request --
Individual ICMP types can be checked for by listing their corresponding flags on the command line:
> icmpscan -v --echo --netmask 192.168.1.7
192.168.1.7: Echo
192.168.1.7: Address Mask [255.255.255.0]
Download (0.044MB)
Added: 2007-08-22 License: GPL (GNU General Public License) Price:
794 downloads
Icmpenum 1.0
Icmpenum sends ICMP traffic for host enumeration. more>>
Host enumeration is the act of determining the IP address of potential targets on a network. This can be done in both layer 2 and layer 3. Icmpenum project can send ICMP traffic for such enumeration.
The ICMP packets supported are: Echo, Timestamp, Information and Netmask. Furthermore, it supports spoofing and promiscuous listening for reply packets. Icmpenum is great for enumerating networks which allow ICMP traffic.
<<lessThe ICMP packets supported are: Echo, Timestamp, Information and Netmask. Furthermore, it supports spoofing and promiscuous listening for reply packets. Icmpenum is great for enumerating networks which allow ICMP traffic.
Download (0.58MB)
Added: 2007-05-08 License: GPL (GNU General Public License) Price:
548 downloads
Icmpenun 1.2
Icmpenum sends ICMP traffic to potential targets on a network. more>>
Icmpenum sends ICMP traffic to potential targets on a network.
Introduction:
Host enumeration is the act of determining the IP address of potential targets on a network. This can be done in both layer 2 and layer 3. Icmpenum sends ICMP traffic for such enumeration. The ICMP packets supported are: Echo, Timestamp, Information and Netmask. Furthermore, it supports spoofing and promiscuous listening for reply packets. Icmpenum is great for enumerating networks which allow ICMP traffic.
Installation:
1. Install the latest libpcap (libpcap 0.4, ftp://ftp.ee.lbl.gov/libpcap.tar.Z).
2. Install the latest Libnet (http://www.packetfactory.net/libnet/).
3. Compile icmpenum as follows:
gcc `libnet-config --defines` -o icmpenum icmpenum.c -lnet -lpcap
4. Copy icmpenum to your fave directory and (as root) start enumerating.
Usage:
Running icmpenum -h gives you the following screen:
# ./icmpenum -h
USAGE: ./icmpenum [opts] [-c class C] [-d dev] [-i 1-3] [-s src] [-t sec] hosts
opts are h n p r v
-h this help screen
-n no sending of packets
-p promiscuous receive mode
-r receiving packets only (no
-v verbose
-c class C in x.x.x.0 form
-i icmp type to send/receive, types include the following:
1 echo/echo reply (default)
2 timestamp request/reply
3 info request/reply
-d device to grab local IP or sniff from, default is eth0
-s spoofed source address
-t time in seconds to wait for all replies (default 5)
host(s) are target hosts (ignored if using -c)
Examples:
Here are some example uses of icmpenum to enumerate hosts.
Example 1:
[Host1]# icmpenum 192.168.1.1 192.168.1.2
This will use the default of Echo packets to try and determine if
192.168.1.1 and 192.168.1.2 are up and running.
Example 2:
[Host1]# icmpenum -i 2 -v 192.168.100.100 192.168.100.200
This will enumerate the two hosts using Timestamp packets in
verbose mode.
Example 3:
[Host1]# icmpenum -i 3 -s 10.10.10.10 -p -v 192.168.1.1 192.168.1.2
This will enumerate hosts 192.168.1.1 and 192.168.1.2 using
Information packets with a spoofed address of 10.10.10.10, since our real address is 10.10.10.11 we use the -p option to listen for the replies.
Here are some more advanced uses of icmpenum.
Example 4:
Assuming Host1 is 6.6.6.6 and Host2 is 7.7.7.7, and that the network 1.1.1.0 has potential hosts to enumerate, we use the following two entries to enumerate with Information packets:
[Host2]# icmpenum -r -t 30 -i 3 -c 1.1.1.0
[Host1]# icmpenum -s 7.7.7.7 -i 3 -c 1.1.1.0
Host2 starts first in receive mode with a timeout of 30 seconds and starts listening for Information packets from the 1.1.1.0 network. Then Host1 starts sending spoofed packets with Host2 as the source address, sending exactly what Host2 is listening for. It should be noted that this is hardly stealthy, as logs at 1.1.1s site could have 7.7.7.7s address all over them, but the -r function is good for testing.
Example 5:
Assuming Host1 is 6.6.6.6 and Host2 is 7.7.7.7, and that Host2 can sniff traffic between 1.1.1.0 and 2.2.2.0, we use the following entries to enumerate the 1.1.1.0 network:
[Host2]# icmpenum -t 20 -n -p -i 2 -c 1.1.1.0
[Host1]# icmpenum -s 2.2.2.2 -i 2 -c 1.1.1.0
Host2 starts first with a timeout of 20 seconds, makes sure not to send the packets with the -n option, listens promiscuously for Timestamp packets from the 1.1.1.0 network. Host1 sends the exact packets Host2 is listening for with a 2.2.2.2 spoofed source address. Yes, one could simply replace the -n option in Host2s command line with -s 2.2.2.2 and do the same thing from one workstation, but were demonstrating a distributed concept.
Enhancements:
- I have added ICMP MASK (type 17 and 18) requests and replys. Simply use the -i 4 option on the command line, such as; icmpenum -i 4 -c 1.2.3.1 (sends ICMP MASK requests to the Class C range 1.2.3.1/24 and reports any system as.
- Due to the use of some older versions of Libnet and Libpcap. I can see problems for some people compiling this and hence have placed two statically linked versions within the tarball
<<lessIntroduction:
Host enumeration is the act of determining the IP address of potential targets on a network. This can be done in both layer 2 and layer 3. Icmpenum sends ICMP traffic for such enumeration. The ICMP packets supported are: Echo, Timestamp, Information and Netmask. Furthermore, it supports spoofing and promiscuous listening for reply packets. Icmpenum is great for enumerating networks which allow ICMP traffic.
Installation:
1. Install the latest libpcap (libpcap 0.4, ftp://ftp.ee.lbl.gov/libpcap.tar.Z).
2. Install the latest Libnet (http://www.packetfactory.net/libnet/).
3. Compile icmpenum as follows:
gcc `libnet-config --defines` -o icmpenum icmpenum.c -lnet -lpcap
4. Copy icmpenum to your fave directory and (as root) start enumerating.
Usage:
Running icmpenum -h gives you the following screen:
# ./icmpenum -h
USAGE: ./icmpenum [opts] [-c class C] [-d dev] [-i 1-3] [-s src] [-t sec] hosts
opts are h n p r v
-h this help screen
-n no sending of packets
-p promiscuous receive mode
-r receiving packets only (no
-v verbose
-c class C in x.x.x.0 form
-i icmp type to send/receive, types include the following:
1 echo/echo reply (default)
2 timestamp request/reply
3 info request/reply
-d device to grab local IP or sniff from, default is eth0
-s spoofed source address
-t time in seconds to wait for all replies (default 5)
host(s) are target hosts (ignored if using -c)
Examples:
Here are some example uses of icmpenum to enumerate hosts.
Example 1:
[Host1]# icmpenum 192.168.1.1 192.168.1.2
This will use the default of Echo packets to try and determine if
192.168.1.1 and 192.168.1.2 are up and running.
Example 2:
[Host1]# icmpenum -i 2 -v 192.168.100.100 192.168.100.200
This will enumerate the two hosts using Timestamp packets in
verbose mode.
Example 3:
[Host1]# icmpenum -i 3 -s 10.10.10.10 -p -v 192.168.1.1 192.168.1.2
This will enumerate hosts 192.168.1.1 and 192.168.1.2 using
Information packets with a spoofed address of 10.10.10.10, since our real address is 10.10.10.11 we use the -p option to listen for the replies.
Here are some more advanced uses of icmpenum.
Example 4:
Assuming Host1 is 6.6.6.6 and Host2 is 7.7.7.7, and that the network 1.1.1.0 has potential hosts to enumerate, we use the following two entries to enumerate with Information packets:
[Host2]# icmpenum -r -t 30 -i 3 -c 1.1.1.0
[Host1]# icmpenum -s 7.7.7.7 -i 3 -c 1.1.1.0
Host2 starts first in receive mode with a timeout of 30 seconds and starts listening for Information packets from the 1.1.1.0 network. Then Host1 starts sending spoofed packets with Host2 as the source address, sending exactly what Host2 is listening for. It should be noted that this is hardly stealthy, as logs at 1.1.1s site could have 7.7.7.7s address all over them, but the -r function is good for testing.
Example 5:
Assuming Host1 is 6.6.6.6 and Host2 is 7.7.7.7, and that Host2 can sniff traffic between 1.1.1.0 and 2.2.2.0, we use the following entries to enumerate the 1.1.1.0 network:
[Host2]# icmpenum -t 20 -n -p -i 2 -c 1.1.1.0
[Host1]# icmpenum -s 2.2.2.2 -i 2 -c 1.1.1.0
Host2 starts first with a timeout of 20 seconds, makes sure not to send the packets with the -n option, listens promiscuously for Timestamp packets from the 1.1.1.0 network. Host1 sends the exact packets Host2 is listening for with a 2.2.2.2 spoofed source address. Yes, one could simply replace the -n option in Host2s command line with -s 2.2.2.2 and do the same thing from one workstation, but were demonstrating a distributed concept.
Enhancements:
- I have added ICMP MASK (type 17 and 18) requests and replys. Simply use the -i 4 option on the command line, such as; icmpenum -i 4 -c 1.2.3.1 (sends ICMP MASK requests to the Class C range 1.2.3.1/24 and reports any system as.
- Due to the use of some older versions of Libnet and Libpcap. I can see problems for some people compiling this and hence have placed two statically linked versions within the tarball
Download (0.58MB)
Added: 2007-04-05 License: GPL (GNU General Public License) Price:
556 downloads
ICMPInfo 0.2
ICMPInfo is a tool that uses ICMP type 13 and 17 to retrieve the current time of a remote host and its netmask. more>>
ICMPInfo is a tool that uses ICMP type 13 and 17 to retrieve the current time of a remote host and its netmask.
<<less Download (0.017MB)
Added: 2006-04-18 License: GPL (GNU General Public License) Price:
1284 downloads
IPChains 0.5
IPChains is a Perl module to create and manipulate ipchains via Perl. more>>
IPChains is a Perl module to create and manipulate ipchains via Perl.
SYNOPSIS
use IPChains;
$fw = IPChains->new(-option => value, ... ); $fw->append(chain);
This module acts as an interface to the ipchains(8) userspace utility by Paul "Rusty" Russell (http://www.rustcorp.com/linux/ipchains/). It attempts to include all the functionality of the original code with a simplified user interface via Perl. In addition, plans for log parsing facilities, an integrated interface to ipmasqadm, and possibly traffic shaping are slated for up and coming versions.
The new() and attribute() methods support the following options:
Source
Specifies origination address of packet. Appending hostmask to this address using a / is OK, as well as specifying it separately (see SourceMask).
SourceMask
Hostmask for origination address. Can either be in 24 or 255.255.255.0 style.
SourcePort
Specific port or port range (use xxx:xxx to denote range), requires specific protocol specification.
Dest
Specifies destination address of packet. Appending hostmask to this address using a / is OK, as well as specifying it separately (see DestMask)
DestMask
Destination address, (see SourceMask).
DestPort
Destination Port, (see SourcePort).
Prot
Protocol. Can be tcp, udp, icmp, or all. Required for specifying specific port(s).
ICMP
ICMP Name/Code (in place of port when ICMP is specified as protocol).
Here is a small table of some of the most common ICMP packets:
Number Name Required by
0 echo-reply ping
3 destination-unreachable Any TCP/UDP traffic.
5 redirect routing if not running
routing daemon
8 echo-request ping
11 time-exceeded traceroute
Rule
Target. Can be ACCEPT, DENY, REJECT, MASQ, REDIRECT, RETURN, or a user-defined chain. Note: This is case sensitive.
Interface
Specify a specify interface as part of the criteria (ie, eth0, ppp0, etc.).
Fragment
Rule only refers to second and further fragments of fragmented packets (1 or 0).
Bidir
Makes criteria effective in both directions (1 or 0).
Verbose
Set verbose option for setting rules or list() (1 or 0).
Numeric
Show output from list() in numeric format. No DNS lookups, etc.. (1 or 0).
Log
Enable kernel logging (via syslog, kern.info) of matched packets (1 or 0).
Output
Copy matching packets to the userspace device (advanced).
Mark
Mark matching packets with specified number (advanced).
TOS
Used for modifying the TOS field in the IP header. Takes 2 args, AND and XOR masks, (ie, (TOS => ["0x01", "0x10"])). This feature is highly untested.
The first mask is ANDed with the packets current TOS, and the second mask is XORed with it. Use the following table for reference:
TOS Name Value Typical Uses
Minimum Delay 0x01 0x10 ftp, telnet
Maximum Throughput 0x01 0x08 ftp-data
Maximum Reliability 0x01 0x04 snmp
Minimum Cost 0x01 0x02 nntp
Exact
Display exact numbers in byte counters instead of numbers rounded in Ks, Ms, or Gs (1 or 0).
SYN
Only match TCP packets with the SYN bit set and the ACK and FIN bits cleared (1 or 0).
<<lessSYNOPSIS
use IPChains;
$fw = IPChains->new(-option => value, ... ); $fw->append(chain);
This module acts as an interface to the ipchains(8) userspace utility by Paul "Rusty" Russell (http://www.rustcorp.com/linux/ipchains/). It attempts to include all the functionality of the original code with a simplified user interface via Perl. In addition, plans for log parsing facilities, an integrated interface to ipmasqadm, and possibly traffic shaping are slated for up and coming versions.
The new() and attribute() methods support the following options:
Source
Specifies origination address of packet. Appending hostmask to this address using a / is OK, as well as specifying it separately (see SourceMask).
SourceMask
Hostmask for origination address. Can either be in 24 or 255.255.255.0 style.
SourcePort
Specific port or port range (use xxx:xxx to denote range), requires specific protocol specification.
Dest
Specifies destination address of packet. Appending hostmask to this address using a / is OK, as well as specifying it separately (see DestMask)
DestMask
Destination address, (see SourceMask).
DestPort
Destination Port, (see SourcePort).
Prot
Protocol. Can be tcp, udp, icmp, or all. Required for specifying specific port(s).
ICMP
ICMP Name/Code (in place of port when ICMP is specified as protocol).
Here is a small table of some of the most common ICMP packets:
Number Name Required by
0 echo-reply ping
3 destination-unreachable Any TCP/UDP traffic.
5 redirect routing if not running
routing daemon
8 echo-request ping
11 time-exceeded traceroute
Rule
Target. Can be ACCEPT, DENY, REJECT, MASQ, REDIRECT, RETURN, or a user-defined chain. Note: This is case sensitive.
Interface
Specify a specify interface as part of the criteria (ie, eth0, ppp0, etc.).
Fragment
Rule only refers to second and further fragments of fragmented packets (1 or 0).
Bidir
Makes criteria effective in both directions (1 or 0).
Verbose
Set verbose option for setting rules or list() (1 or 0).
Numeric
Show output from list() in numeric format. No DNS lookups, etc.. (1 or 0).
Log
Enable kernel logging (via syslog, kern.info) of matched packets (1 or 0).
Output
Copy matching packets to the userspace device (advanced).
Mark
Mark matching packets with specified number (advanced).
TOS
Used for modifying the TOS field in the IP header. Takes 2 args, AND and XOR masks, (ie, (TOS => ["0x01", "0x10"])). This feature is highly untested.
The first mask is ANDed with the packets current TOS, and the second mask is XORed with it. Use the following table for reference:
TOS Name Value Typical Uses
Minimum Delay 0x01 0x10 ftp, telnet
Maximum Throughput 0x01 0x08 ftp-data
Maximum Reliability 0x01 0x04 snmp
Minimum Cost 0x01 0x02 nntp
Exact
Display exact numbers in byte counters instead of numbers rounded in Ks, Ms, or Gs (1 or 0).
SYN
Only match TCP packets with the SYN bit set and the ACK and FIN bits cleared (1 or 0).
Download (0.050MB)
Added: 2007-05-10 License: Perl Artistic License Price:
897 downloads
Shell over ICMP 0.5
Shell over ICMP project allows a user to connect to a remote shell daemon, by using ICMP protocol instead of classical TCP. more>>
Shell over ICMP consists of two free and open source applications: one server and one client. Shell over ICMP project allows a user to connect to a remote shell daemon, by using ICMP protocol instead of classical TCP.
Entirely written in Python, soicmp is a working proof-of-concept to demonstrate that data can be transmitted across a network by hiding it in traffic that normally does not contain payloads.
How does it work?
The soicmp server is a daemon that must be started on the remote server. When the server receives a request from the client it looks into the packets payload. The payload must respect certain protocol rules. In detail the client must specify:
command
communication mode (echo|echo/reply)
authentication (y|n)
This is an example of a correct payload string sent by client to server:
$CMD ls -a $MODE echo/reply $PWD root2005 $END
If the payload matches with the server protocol specification then it will pipe the command to "/bin/sh" or "cmd.exe" and execute it. The server then reads the result from the pipe and sends it back to the client that will print it to stdout.
Moreover every client will send ICMP packets having id equal to the clients current process ID and will accept only ICMP replies having the same id value. This prevents output to be printed by other client instances running on the same workstation (this argument is also treated in the FAQs section).
Main features:
- Platform independent.
- Possibility to run soicmp daemon on multiple ethernet interfaces simultaneously handling multiple client connections.
- Possibility to specify the buffer size of outgoing packets.
- Client side source IP address spoofing.
- Remote client case-sensitive (plain texted) authentication.
- Possibility to select two communication types:
- One based on encapsulating command output in unique "one way" ICMP_ECHOREPLY (type 0) packets sent by server to client (see fig. 1).
- Another one that guarantees the correct packets delivering by using the request/response nature of ECHO and ECHOREPLY ICMP packet types (see fig.2)
- No listening sockets are listed by netstat or similar programs.
<<lessEntirely written in Python, soicmp is a working proof-of-concept to demonstrate that data can be transmitted across a network by hiding it in traffic that normally does not contain payloads.
How does it work?
The soicmp server is a daemon that must be started on the remote server. When the server receives a request from the client it looks into the packets payload. The payload must respect certain protocol rules. In detail the client must specify:
command
communication mode (echo|echo/reply)
authentication (y|n)
This is an example of a correct payload string sent by client to server:
$CMD ls -a $MODE echo/reply $PWD root2005 $END
If the payload matches with the server protocol specification then it will pipe the command to "/bin/sh" or "cmd.exe" and execute it. The server then reads the result from the pipe and sends it back to the client that will print it to stdout.
Moreover every client will send ICMP packets having id equal to the clients current process ID and will accept only ICMP replies having the same id value. This prevents output to be printed by other client instances running on the same workstation (this argument is also treated in the FAQs section).
Main features:
- Platform independent.
- Possibility to run soicmp daemon on multiple ethernet interfaces simultaneously handling multiple client connections.
- Possibility to specify the buffer size of outgoing packets.
- Client side source IP address spoofing.
- Remote client case-sensitive (plain texted) authentication.
- Possibility to select two communication types:
- One based on encapsulating command output in unique "one way" ICMP_ECHOREPLY (type 0) packets sent by server to client (see fig. 1).
- Another one that guarantees the correct packets delivering by using the request/response nature of ECHO and ECHOREPLY ICMP packet types (see fig.2)
- No listening sockets are listed by netstat or similar programs.
Download (0.58MB)
Added: 2006-11-07 License: GPL (GNU General Public License) Price:
1081 downloads
Echoserver 1.3
See what browsers and programs are sending to an HTTP Server. Simple server just dumps whatever it receives on the console. Echoserver is misnamed because it does not actually echo what it receives back to the browser. more>>
Echoserver - See what browsers and programs are sending to an HTTP Server.
Simple server just dumps whatever it receives on the console.
Echoserver is misnamed because it does not actually echo what it receives
back to the browser.
Enhancements:
Version 1.3
change pad directory structure
System Requirements:<<less
Download (520Kb)
Added: 2006-03-06 License: Free Price: Free
13 downloads
NetPacket::ICMP 0.04
NetPacket::ICMP is a Perl module to assemble and disassemble ICMP (Internet Control Message Protocol) packets. more>>
NetPacket::ICMP is a Perl module to assemble and disassemble ICMP (Internet Control Message Protocol) packets.
SYNOPSIS
use NetPacket::ICMP;
$icmp_obj = NetPacket::ICMP->decode($raw_pkt);
$icmp_pkt = NetPacket::ICMP->encode();
$icmp_data = NetPacket::ICMP::strip($raw_pkt);
NetPacket::ICMP provides a set of routines for assembling and disassembling packets using ICMP (Internet Control Message Protocol).
Methods
NetPacket::ICMP->decode([RAW PACKET])
Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method.
NetPacket::ICMP->encode()
Return an ICMP packet encoded with the instance data specified.
<<lessSYNOPSIS
use NetPacket::ICMP;
$icmp_obj = NetPacket::ICMP->decode($raw_pkt);
$icmp_pkt = NetPacket::ICMP->encode();
$icmp_data = NetPacket::ICMP::strip($raw_pkt);
NetPacket::ICMP provides a set of routines for assembling and disassembling packets using ICMP (Internet Control Message Protocol).
Methods
NetPacket::ICMP->decode([RAW PACKET])
Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method.
NetPacket::ICMP->encode()
Return an ICMP packet encoded with the instance data specified.
Download (0.011MB)
Added: 2007-02-27 License: Perl Artistic License Price:
970 downloads
IPv6 FireWall script
IPv6 FireWall script is a firewall based on ip6tables. more>>
IPv6 FireWall script is a firewall based on ip6tables.
firewall6.sh 122 lines
#!/bin/bash
# Basic IPv6 FireWall script by Dennis Kruyt (dennis@klingon.nl)
#
# Sun Jan 5 18:26:28 2003 - DK
#debug
#set -x
cd /opt/scripts/firewall
source ./config6
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/bin/X11
# change to script directory
cd ${SCRIPTSDIR}
SCRIPT=${SCRIPTSDIR}/firewall6.sh
case "$1" in
flush)
echo -e "Starting Firewall:"
${IPTABLE6} -F >> /dev/null 2>&1
${IPTABLE6} -X >> /dev/null 2>&1
echo -e "Setting defaults op ACCEPT!"
echo -e "ALERT: no firewall rules active"
#
${IPTABLE6} -P INPUT ACCEPT
${IPTABLE6} -P OUTPUT ACCEPT
${IPTABLE6} -P FORWARD ACCEPT
;;
start|reload)
echo -n "Starting Firewall: "
# paging!
#
# create a backup
TIME=`date +%s`
tar -czf /opt/backups/firewall/firewall.${TIME}.tar.gz /opt/scripts/firewall
# sending mail
mail email@address.com -s "Firewall - (re)started" < $0
# wait
sleep 1
# kerneloptions
echo -n "Loading Kernel options.."
./kernel_options6.sh
echo -n "Flushing and deleting all chains.."
${IPTABLE6} -F >> /dev/null 2>&1
${IPTABLE6} -X >> /dev/null 2>&1
# default policy
echo -n "Setting default policy DROP.."
${IPTABLE6} -P INPUT DROP
${IPTABLE6} -P OUTPUT DROP
${IPTABLE6} -P FORWARD DROP
# ?????????????
#${IPTABLE} -F -t mangle
#${IPTABLE} -t mangle -X
echo -e "Loading chains.."
# create chain blacklist
${IPTABLE6} --new blacklist
#And drop the evil ones
for i in $BLACKLIST6;do
${IPTABLE6} -A blacklist --src $i -j DROP
done
#icmp chain
${IPTABLE6} --new icmprules
${IPTABLE6} -A icmprules -p icmpv6 -j ACCEPT
# create out chain
${IPTABLE6} --new out
#localhost to localhost
${IPTABLE6} -A out --src $LOCALHOST6 --dst $LOCALHOST6 -j ACCEPT
# for now accept all outgoing IPv6 traffic
${IPTABLE6} -A out --src $SIXXS --dst $ANY6 -j ACCEPT
# create in chain
${IPTABLE6} --new in
#localhost to localhost
${IPTABLE6} -A in --src $LOCALHOST6 --dst $LOCALHOST6 -j ACCEPT
# for now accept all incomming IPv6 traffic
${IPTABLE6} -A in --dst $SIXXS --src $ANY6 -j ACCEPT
#All that are in trusted may ssh
for i in $THRUSTED6;do
${IPTABLE6} -A in -p tcp --dst $SIXXS --dport 22 --src $i -j ACCEPT
done
# jump to all ipv6 chains
${IPTABLE6} -A INPUT -j blacklist
${IPTABLE6} -A OUTPUT -j blacklist
${IPTABLE6} -A FORWARD -j blacklist
${IPTABLE6} -A INPUT -j icmprules
${IPTABLE6} -A OUTPUT -j icmprules
${IPTABLE6} -A INPUT -j in
${IPTABLE6} -A OUTPUT -j out
;;
show)
echo -e "Rules in the firewall: ${CHAIN} n"
${IPTABLE6} -L -n
;;
*)
echo -e "Usage: ${SCRIPT} {flush|start|reload|show} n"
exit 1
;;
esac
exit 0
config6 12 lines
export IPTABLE6=/sbin/ip6tables
export SCRIPTSDIR=/opt/scripts/firewall
export EXT="eth0" # device
export SIXXS="3ffe:8114:1000::50f/127" # extern
export ANY6="::/0"
export LOCALHOST6="::1/128"
export THRUSTED6=""
export BLACKLIST6="3ffe:8114:2fff:1391::1"
kernel_options6.sh 7 lines
#!/bin/bash
# forwarding on
#echo "1" > /proc/sys/net/ipv6 blablabla
# Set some other IPv6 proc settings
#echo "1" > /proc/sys/net/ipv6 blablabla
<<lessfirewall6.sh 122 lines
#!/bin/bash
# Basic IPv6 FireWall script by Dennis Kruyt (dennis@klingon.nl)
#
# Sun Jan 5 18:26:28 2003 - DK
#debug
#set -x
cd /opt/scripts/firewall
source ./config6
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/bin/X11
# change to script directory
cd ${SCRIPTSDIR}
SCRIPT=${SCRIPTSDIR}/firewall6.sh
case "$1" in
flush)
echo -e "Starting Firewall:"
${IPTABLE6} -F >> /dev/null 2>&1
${IPTABLE6} -X >> /dev/null 2>&1
echo -e "Setting defaults op ACCEPT!"
echo -e "ALERT: no firewall rules active"
#
${IPTABLE6} -P INPUT ACCEPT
${IPTABLE6} -P OUTPUT ACCEPT
${IPTABLE6} -P FORWARD ACCEPT
;;
start|reload)
echo -n "Starting Firewall: "
# paging!
#
# create a backup
TIME=`date +%s`
tar -czf /opt/backups/firewall/firewall.${TIME}.tar.gz /opt/scripts/firewall
# sending mail
mail email@address.com -s "Firewall - (re)started" < $0
# wait
sleep 1
# kerneloptions
echo -n "Loading Kernel options.."
./kernel_options6.sh
echo -n "Flushing and deleting all chains.."
${IPTABLE6} -F >> /dev/null 2>&1
${IPTABLE6} -X >> /dev/null 2>&1
# default policy
echo -n "Setting default policy DROP.."
${IPTABLE6} -P INPUT DROP
${IPTABLE6} -P OUTPUT DROP
${IPTABLE6} -P FORWARD DROP
# ?????????????
#${IPTABLE} -F -t mangle
#${IPTABLE} -t mangle -X
echo -e "Loading chains.."
# create chain blacklist
${IPTABLE6} --new blacklist
#And drop the evil ones
for i in $BLACKLIST6;do
${IPTABLE6} -A blacklist --src $i -j DROP
done
#icmp chain
${IPTABLE6} --new icmprules
${IPTABLE6} -A icmprules -p icmpv6 -j ACCEPT
# create out chain
${IPTABLE6} --new out
#localhost to localhost
${IPTABLE6} -A out --src $LOCALHOST6 --dst $LOCALHOST6 -j ACCEPT
# for now accept all outgoing IPv6 traffic
${IPTABLE6} -A out --src $SIXXS --dst $ANY6 -j ACCEPT
# create in chain
${IPTABLE6} --new in
#localhost to localhost
${IPTABLE6} -A in --src $LOCALHOST6 --dst $LOCALHOST6 -j ACCEPT
# for now accept all incomming IPv6 traffic
${IPTABLE6} -A in --dst $SIXXS --src $ANY6 -j ACCEPT
#All that are in trusted may ssh
for i in $THRUSTED6;do
${IPTABLE6} -A in -p tcp --dst $SIXXS --dport 22 --src $i -j ACCEPT
done
# jump to all ipv6 chains
${IPTABLE6} -A INPUT -j blacklist
${IPTABLE6} -A OUTPUT -j blacklist
${IPTABLE6} -A FORWARD -j blacklist
${IPTABLE6} -A INPUT -j icmprules
${IPTABLE6} -A OUTPUT -j icmprules
${IPTABLE6} -A INPUT -j in
${IPTABLE6} -A OUTPUT -j out
;;
show)
echo -e "Rules in the firewall: ${CHAIN} n"
${IPTABLE6} -L -n
;;
*)
echo -e "Usage: ${SCRIPT} {flush|start|reload|show} n"
exit 1
;;
esac
exit 0
config6 12 lines
export IPTABLE6=/sbin/ip6tables
export SCRIPTSDIR=/opt/scripts/firewall
export EXT="eth0" # device
export SIXXS="3ffe:8114:1000::50f/127" # extern
export ANY6="::/0"
export LOCALHOST6="::1/128"
export THRUSTED6=""
export BLACKLIST6="3ffe:8114:2fff:1391::1"
kernel_options6.sh 7 lines
#!/bin/bash
# forwarding on
#echo "1" > /proc/sys/net/ipv6 blablabla
# Set some other IPv6 proc settings
#echo "1" > /proc/sys/net/ipv6 blablabla
Download (0.002MB)
Added: 2007-02-13 License: GPL (GNU General Public License) Price:
994 downloads
IPC::Run::Simple 1.3
IPC::Run::Simple is a simple system() wrapper. more>>
IPC::Run::Simple is a simple system() wrapper.
SYNOPSIS
# Run a command and check whether it failed
use IPC::Run::Simple;
run("echo Hello, O Cruel World")
or die "Command failed";
# Describe the failure
use IPC::Run::Simple qw($ERR);
run("echo Hello, O Cruel World")
or die "Command failed: $ERR";
# Use the :all tag instead of explicitly requesting $ERR
use IPC::Run::Simple qw(:all);
run("echo Hello, O Cruel World")
or die "Command failed: $ERR";
# Die with error message if command does not return 0
use IPC::Run::Simple qw(:Fatal);
run("echo Hello, O Cruel World");
# Allow other exit values without dying
use IPC::Run::Simple qw(:Fatal);
run(command => [ "echo", "Hello, O Cruel World!" ],
allowed => [ 1, 2, 5 ]);
This module is intended to be a very simple, straightforward wrapper around the system() call to make it behave more like other builtins.
run() will return a true value if the command was executed and return a successful status code, and false otherwise. The reason for the failure will be stored in the $IPC::Run::Simple::ERR variable (which is just $ERR if you import either $ERR or :all). The description of the reason was pulled almost directly from the system() documentation.
Optionally, you can import the :Fatal tag, which will cause run() to die() with an appropriate message if the command fails for any reason.
If you wish to allow nonzero exit values but still want to trap unexpected errors, you may use an expanded call syntax. Call run() with a set of key=>value pairs. The two implemented keys are command (an array reference containing the command to run) and allowed (an array reference of exit values that are allowed without causing run() to return false or throw an exception.)
<<lessSYNOPSIS
# Run a command and check whether it failed
use IPC::Run::Simple;
run("echo Hello, O Cruel World")
or die "Command failed";
# Describe the failure
use IPC::Run::Simple qw($ERR);
run("echo Hello, O Cruel World")
or die "Command failed: $ERR";
# Use the :all tag instead of explicitly requesting $ERR
use IPC::Run::Simple qw(:all);
run("echo Hello, O Cruel World")
or die "Command failed: $ERR";
# Die with error message if command does not return 0
use IPC::Run::Simple qw(:Fatal);
run("echo Hello, O Cruel World");
# Allow other exit values without dying
use IPC::Run::Simple qw(:Fatal);
run(command => [ "echo", "Hello, O Cruel World!" ],
allowed => [ 1, 2, 5 ]);
This module is intended to be a very simple, straightforward wrapper around the system() call to make it behave more like other builtins.
run() will return a true value if the command was executed and return a successful status code, and false otherwise. The reason for the failure will be stored in the $IPC::Run::Simple::ERR variable (which is just $ERR if you import either $ERR or :all). The description of the reason was pulled almost directly from the system() documentation.
Optionally, you can import the :Fatal tag, which will cause run() to die() with an appropriate message if the command fails for any reason.
If you wish to allow nonzero exit values but still want to trap unexpected errors, you may use an expanded call syntax. Call run() with a set of key=>value pairs. The two implemented keys are command (an array reference containing the command to run) and allowed (an array reference of exit values that are allowed without causing run() to return false or throw an exception.)
Download (0.005MB)
Added: 2007-08-15 License: Perl Artistic License Price:
802 downloads
ICMP Hostname Tools for Linux 0.3
The ICMP Hostname Tools for Linux include a responder daemon, a lookup tool, and a nameswitch module. more>>
The ICMP Hostname Tools for Linux include a responder daemon, a lookup tool, and a nameswitch module to handle ICMP host name functions.
The NSS module caches all requests (including failures) and honors the TTL value sent by the responding host. It uses a configuration file called /etc/nss-icmp.conf, which controls different aspects of its operation:
* timeout Sets the timeout in milliseconds for ICMP host name queries, by passing the -t option to idnlookup.
* nocache Disables the cache.
* ttlnotfound Sets the TTL for not-found cache entries is seconds. The default is 5 minutes.
Both icmpdnd and idnlookup need to run as root, due to the fact that they use ICMP. Thus, idnlookup needs be installed SUID root.
<<lessThe NSS module caches all requests (including failures) and honors the TTL value sent by the responding host. It uses a configuration file called /etc/nss-icmp.conf, which controls different aspects of its operation:
* timeout Sets the timeout in milliseconds for ICMP host name queries, by passing the -t option to idnlookup.
* nocache Disables the cache.
* ttlnotfound Sets the TTL for not-found cache entries is seconds. The default is 5 minutes.
Both icmpdnd and idnlookup need to run as root, due to the fact that they use ICMP. Thus, idnlookup needs be installed SUID root.
Download (0.026MB)
Added: 2005-06-28 License: GPL (GNU General Public License) Price:
1579 downloads
pyMap 0.1
pyMap consists in a port scanner written in Python. more>>
pyMap consists in a port scanner written in Python.
pyMap is a port scanner capable of ICMP, SYN, and FIN scans. It has been found to work on Windows XP and numerous Linux distributions.
<<lesspyMap is a port scanner capable of ICMP, SYN, and FIN scans. It has been found to work on Windows XP and numerous Linux distributions.
Download (0.050MB)
Added: 2007-04-26 License: GPL (GNU General Public License) Price:
918 downloads
kfilewatcher 0.1
kfilewatcher project watches for file changes and allows you to react on them. more>>
kfilewatcher project watches for file changes and allows you to react on them.
Example:
kfilewatcher /tmp/test 2>&1 | while read a; do echo "File has changed - doing something"; done
This command does something every time kfilewatcher detects a change. At the moment, the only action is to output "File has changed - doing something", but you can write anything there, e.g.
- backup stuff as soon as it changes
- publish files on your homepage everytime they change
- keep directories in sync
<<lessExample:
kfilewatcher /tmp/test 2>&1 | while read a; do echo "File has changed - doing something"; done
This command does something every time kfilewatcher detects a change. At the moment, the only action is to output "File has changed - doing something", but you can write anything there, e.g.
- backup stuff as soon as it changes
- publish files on your homepage everytime they change
- keep directories in sync
Download (1.7MB)
Added: 2006-12-28 License: GPL (GNU General Public License) Price:
1030 downloads
Compress::BraceExpansion 0.1.3
Compress::BraceExpansion is a Perl module to create a human-readable compressed string suitable for shell brace expansion. more>>
Compress::BraceExpansion is a Perl module to create a human-readable compressed string suitable for shell brace expansion.
SYNOPSIS
use Compress::BraceExpansion;
# output: ab{c,d}
print Compress::BraceExpansion->new( qw( abc abd ) )->shrink();
# output: aabb{cc,dd}
print Compress::BraceExpansion->new( qw( aabbcc aabbdd ) )->shrink();
# output: aa{bb{cc,dd},eeff}
print Compress::BraceExpansion->new( qw( aabbcc aabbdd aaeeff ) )->shrink();
Shells such as bash and zsh have a feature call brace expansion. These allow users to specify an expression to generate a series of strings that contain similar patterns. For example:
$ echo a{b,c}
ab ac
$ echo aa{bb,xx}cc
aabbcc aaxxcc
$ echo a{b,x}c{d,y}e
abcde abcye axcde axcye
$ echo a{b,x{y,z}}c
abc axyc axzc
This module was designed to take a list of strings with similar patterns (e.g. the output of a shell expansion) and generate the un-expanded expression. Given a reasonably sized array of similar strings, this module will generate a single compressed string that can be comfortably parsed by a human.
The current algorithm is most efficient if groups of the input strings start with or end with similar characters. See BUGS AND LIMITATIONS section for more details.
<<lessSYNOPSIS
use Compress::BraceExpansion;
# output: ab{c,d}
print Compress::BraceExpansion->new( qw( abc abd ) )->shrink();
# output: aabb{cc,dd}
print Compress::BraceExpansion->new( qw( aabbcc aabbdd ) )->shrink();
# output: aa{bb{cc,dd},eeff}
print Compress::BraceExpansion->new( qw( aabbcc aabbdd aaeeff ) )->shrink();
Shells such as bash and zsh have a feature call brace expansion. These allow users to specify an expression to generate a series of strings that contain similar patterns. For example:
$ echo a{b,c}
ab ac
$ echo aa{bb,xx}cc
aabbcc aaxxcc
$ echo a{b,x}c{d,y}e
abcde abcye axcde axcye
$ echo a{b,x{y,z}}c
abc axyc axzc
This module was designed to take a list of strings with similar patterns (e.g. the output of a shell expansion) and generate the un-expanded expression. Given a reasonably sized array of similar strings, this module will generate a single compressed string that can be comfortably parsed by a human.
The current algorithm is most efficient if groups of the input strings start with or end with similar characters. See BUGS AND LIMITATIONS section for more details.
Download (0.011MB)
Added: 2007-02-23 License: Perl Artistic License Price:
973 downloads
Secleted [ 0 ] software to compare
Copyright Notice:
Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future software development. The above icmp echo search only lists software in full, demo and trial versions for free download. Download links are directly from our mirror sites or publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed
