Free icmp packets software for linux

ICMP-Chat is a simple console-based chat that uses ICMP packets for communication. All the data is encrypted with Rijndael-256 algorithm.
Installation:
Type: make && make install
For solaris type: make solaris && make install
Usage:
Usage: icmpchat [OPTIONS] < host > < nick >
< host > = Host to chat with
< nick > = Your nickname
OPTIONS:
-t < type > = specify icmp type (default ECHO_REPLY)
Example: icmpchat 192.168.1.2 foo
ICMP codes:
[0] Echo Reply
[5] Redirect
[8] Echo Request
[9] Router advertisement
[10] Router solicitation
[13] Timestamp request
[14] Timestamp reply
[15] Information request
[16] Information reply
[17] Adressmask request
[18] Adressmask reply
Enhancements:
- Rewrote from scratch
- Implemented optimized rijndael algorithm
- Implemented sha256 for password hashing
- Implemented ncurses frontend (again)
- Fixed getuid problem so that setting suid flag works now (thanks John)

RADIUS::Packet is an object-oriented Perl interface to RADIUS packets.

SYNOPSIS

use RADIUS::Packet;
use RADIUS::Dictionary;

my $d = new RADIUS::Dictionary "/etc/radius/dictionary";

my $p = new RADIUS::Packet $d, $data;
$p->dump;

if ($p->attr(User-Name eq "lwall") {
my $resp = new RADIUS::Packet $d;
$resp->set_code(Access-Accept);
$resp->set_identifier($p->identifier);
$resp->set_authenticator($p->authenticator);
$resp->set_attr(Reply-Message) = "Welcome, Larry!rn";
my $respdat = auth_resp($resp->pack, "mysecret");
...

RADIUS (RFC2138) specifies a binary packet format which contains various values and attributes. RADIUS::Packet provides an interface to turn RADIUS packets into Perl data structures and vice-versa.

RADIUS::Packet does not provide functions for obtaining RADIUS packets from the network. A simple network RADIUS server is provided as an example at the end of this document. Also, a RADIUS::Server module is under development which will simplify the interface.

deja-packet transmits raw packets through a specified interface.

Usage: ./deja-packet -pcap < libpcap capture file > < interface name >
or: ./deja-packet -raw < raw packet file > < interface name >

Note: you must be root to successfully transmit packets with deja-packet due to the Linux security restrictions with raw sockets.

In the [-p]cap mode, deja-packet transmits selected packets from a libpcap capture file (such as one created by Ethereal/Wireshark, or tcpdump). In the [-r]aw mode, deja-packet transmits the raw contents of a file as one whole packet.

The [-p]cap mode is interactive: the user will be continuously prompted to select which packet from the libpcap capture file to transmit, until the “q” character is encountered, where the program will quit.

Example pcap mode:

$ sudo ./deja-packet -p icmp_ping.pcap eth0
Select packet number (1 to 6) for transmission or q for quit: 1
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: 2
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: 5
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: 6
Successfully transmitted packet!
Select packet number (1 to 6) for transmission or q for quit: q
$

In the [-r]aw mode, deja-packet exits immediately after the attempted transmission is complete (allows deja-packet to be easily used with a script).

Example raw mode:

$ sudo ./deja-packet -r samplepacket eth0
Successfully transmitted packet!
$

icmp_ping.pcap is included as a sample libpcap capture file.

To compile deja-packet, simply use the command “make”.

deja-packet remains Linux-only because it requires PF_PACKET sockets.

This project is released under the GNU General Public License version 2.

Icmpenum sends ICMP traffic to potential targets on a network.
Introduction:
Host enumeration is the act of determining the IP address of potential targets on a network. This can be done in both layer 2 and layer 3. Icmpenum sends ICMP traffic for such enumeration. The ICMP packets supported are: Echo, Timestamp, Information and Netmask. Furthermore, it supports spoofing and promiscuous listening for reply packets. Icmpenum is great for enumerating networks which allow ICMP traffic.
Installation:
1. Install the latest libpcap (libpcap 0.4, ftp://ftp.ee.lbl.gov/libpcap.tar.Z).
2. Install the latest Libnet (http://www.packetfactory.net/libnet/).
3. Compile icmpenum as follows:
gcc `libnet-config --defines` -o icmpenum icmpenum.c -lnet -lpcap
4. Copy icmpenum to your fave directory and (as root) start enumerating.
Usage:
Running icmpenum -h gives you the following screen:
# ./icmpenum -h
USAGE: ./icmpenum [opts] [-c class C] [-d dev] [-i 1-3] [-s src] [-t sec] hosts
opts are h n p r v
-h this help screen
-n no sending of packets
-p promiscuous receive mode
-r receiving packets only (no
-v verbose
-c class C in x.x.x.0 form
-i icmp type to send/receive, types include the following:
1 echo/echo reply (default)
2 timestamp request/reply
3 info request/reply
-d device to grab local IP or sniff from, default is eth0
-s spoofed source address
-t time in seconds to wait for all replies (default 5)
host(s) are target hosts (ignored if using -c)
Examples:
Here are some example uses of icmpenum to enumerate hosts.
Example 1:
[Host1]# icmpenum 192.168.1.1 192.168.1.2
This will use the default of Echo packets to try and determine if
192.168.1.1 and 192.168.1.2 are up and running.
Example 2:
[Host1]# icmpenum -i 2 -v 192.168.100.100 192.168.100.200
This will enumerate the two hosts using Timestamp packets in
verbose mode.
Example 3:
[Host1]# icmpenum -i 3 -s 10.10.10.10 -p -v 192.168.1.1 192.168.1.2
This will enumerate hosts 192.168.1.1 and 192.168.1.2 using
Information packets with a spoofed address of 10.10.10.10, since our real address is 10.10.10.11 we use the -p option to listen for the replies.
Here are some more advanced uses of icmpenum.
Example 4:
Assuming Host1 is 6.6.6.6 and Host2 is 7.7.7.7, and that the network 1.1.1.0 has potential hosts to enumerate, we use the following two entries to enumerate with Information packets:
[Host2]# icmpenum -r -t 30 -i 3 -c 1.1.1.0
[Host1]# icmpenum -s 7.7.7.7 -i 3 -c 1.1.1.0
Host2 starts first in receive mode with a timeout of 30 seconds and starts listening for Information packets from the 1.1.1.0 network. Then Host1 starts sending spoofed packets with Host2 as the source address, sending exactly what Host2 is listening for. It should be noted that this is hardly stealthy, as logs at 1.1.1s site could have 7.7.7.7s address all over them, but the -r function is good for testing.
Example 5:
Assuming Host1 is 6.6.6.6 and Host2 is 7.7.7.7, and that Host2 can sniff traffic between 1.1.1.0 and 2.2.2.0, we use the following entries to enumerate the 1.1.1.0 network:
[Host2]# icmpenum -t 20 -n -p -i 2 -c 1.1.1.0
[Host1]# icmpenum -s 2.2.2.2 -i 2 -c 1.1.1.0
Host2 starts first with a timeout of 20 seconds, makes sure not to send the packets with the -n option, listens promiscuously for Timestamp packets from the 1.1.1.0 network. Host1 sends the exact packets Host2 is listening for with a 2.2.2.2 spoofed source address. Yes, one could simply replace the -n option in Host2s command line with -s 2.2.2.2 and do the same thing from one workstation, but were demonstrating a distributed concept.
Enhancements:
- I have added ICMP MASK (type 17 and 18) requests and replys. Simply use the -i 4 option on the command line, such as; icmpenum -i 4 -c 1.2.3.1 (sends ICMP MASK requests to the Class C range 1.2.3.1/24 and reports any system as.
- Due to the use of some older versions of Libnet and Libpcap. I can see problems for some people compiling this and hence have placed two statically linked versions within the tarball

ICMPInfo is a tool that uses ICMP type 13 and 17 to retrieve the current time of a remote host and its netmask.

NetPacket::ICMP is a Perl module to assemble and disassemble ICMP (Internet Control Message Protocol) packets.

SYNOPSIS

use NetPacket::ICMP;

$icmp_obj = NetPacket::ICMP->decode($raw_pkt);
$icmp_pkt = NetPacket::ICMP->encode();
$icmp_data = NetPacket::ICMP::strip($raw_pkt);

NetPacket::ICMP provides a set of routines for assembling and disassembling packets using ICMP (Internet Control Message Protocol).

Methods

NetPacket::ICMP->decode([RAW PACKET])
Decode the raw packet data given and return an object containing instance data. This method will quite happily decode garbage input. It is the responsibility of the programmer to ensure valid packet data is passed to this method.

NetPacket::ICMP->encode()
Return an ICMP packet encoded with the instance data specified.

Net::BitTorrent::PeerPacket is a Parse/Build Peer Packets from BitTorrent.

SYNOPSIS

# Encode a packet
my $binary_packet = bt_build_packet($key1, $value1, $key2, $value2);

# Decode a packet
my $parsed_packet = bt_parse_packet($binary_data);

Net::BitTorrent::PeerPacket handles parsing and building binary data shared between BitTorrent peers. The module optinally exports a single subroutine for building packets and another for parsing packets, as well as, a constant for each packet type defined by BitTorrent.