#!/usr/bin/ruby# This program wass made by mr_hai of the Evilzone.org/Hacktalk

1. #!/usr/bin/ruby
2. # This program wass made by mr_hai of the Evilzone.org/Hacktalk.net community
3. # This program is free to use and distribute so long as you keep my name on it, I'd like to ask you to provide
4. # me with any modifications you make to the code so I may implement them, YOU WILL BE CREDITED.
5. #TODO:  scan for and implement proper IP addressses from the local subnet
6. #       implement length checking, for the moment just keep it to less than 50 chars per message
7. #       I'm new to this and I'm learning as i go. I have noticed a pattern emerging as I experiemnt with length checking on the
8. #       encrypted and unencrypted string and I expect to have a good limiter in place soon.
9.  
10. #USE:   This program is a small chat client/server using ICMP packets to relay the data and AES-256-CBC to encrypt so your
11. #       communications cannot be monitored. Before use, please change the $key and $iv values, as well as set the name.
12. #       This works on the principle that in a bridged LAN or wireless LAN you can send a packet and expect it to be seen by everyone
13. #       with their eyes open... it doesnt matter if the protocol is filtered because this is all behind the router
14. #      
15.  
16. #BUILD THE PACKET AND SEND IT
17.  
18. #as the creator of this code i declare the use of these libraries
19. require 'socket'
20. require 'openssl'
21. require 'packetfu'
22. #as the creator of this code i declare these globals
23. $key = "qwertyuiopasdfghjklzxcvbnmqwerty"
24. $iv = "qwertyuiopasdfghjklzxcvbnmqwerty"
25. $iface = "eth1"
26. $name = "mr_hai"
27. $sniff = 1
28. #as the creator of this code i declare the creation of a class that encrpyts strings
29. class Encryption
30.     def initialize (string)
31.         @string = string
32.     end
33.     #decrypts
34.     def encrypt_payload
35.         cipher = OpenSSL::Cipher::Cipher.new('aes-256-cbc')
36.         cipher.encrypt
37.         cipher.key = $key
38.         cipher.iv = $iv
39.         cipher.update(@string) + cipher.final
40.        
41.     end
42.     #encrypts
43.     def decrypt_payload
44.         cipher = OpenSSL::Cipher::Cipher.new('aes-256-cbc')
45.         cipher.decrypt
46.         cipher.key = $key
47.         cipher.iv = $iv
48.         cipher.update(@string) + cipher.final
49.     end
50. end
51. #instances of the server call the encryption functions and manufacture/inject the packet
52. class Server
53.     def initialize (message)
54.         @message = message     
55.     end
56. #speaks for itself
57.     def send_message
58.         outgoing = Encryption.new(@message)
59.         encrypted_string = outgoing.encrypt_payload
60.         build_ICMP_packet(encrypted_string)
61.     end
62. #ditto
63.     def recieve_message
64.         incomming = Encryption.new(@message)
65.         incomming.decrypt_payload
66.     end
67. #if the network doesnt allow ICMP change to type 3 code 13, thats the code for "administrativley prohibited"    .
68. #mimic real traffic to lower your visibility, this cant be blocked but it can be recognized.
69. #im working on a seperate library to work with IP address parsing and im going to use part of it on this eventually
70. #so you wont have to modify the code the choose an ip
71.     def build_ICMP_packet(bloop)
72.         icmp_packet = PacketFu::ICMPPacket.new
73.         icmp_packet.icmp_type = 3
74.         icmp_packet.icmp_code = 13
75.         icmp_packet.payload = bloop
76.         icmp_packet.ip_saddr= "192.168.1.2"
77.         icmp_packet.ip_daddr="192.168.1.3"
78.         icmp_packet.recalc
79.         icmp_packet.to_w($iface)   
80.     end
81.    
82. end
83.  
84. class Client
85.     def initialize
86.     #forks the sniffer
87.     matey = fork do
88.             Signal.trap('HUP', 'IGNORE')
89.             Process.setsid
90.             packet_stream #starts the sniffer
91.             end
92.         Process.detach(matey)
93. #starts the cli
94.         cli
95.     end
96.    
97.     def cli
98.         while $sniff == 1 do
99.             input = gets.chomp
100.                 message = $name + "=> " + input
101.                 send = Server.new(message)
102.                 send.send_message
103.         end
104.     end
105.    
106.     def packet_stream
107.         cap = PacketFu::Capture.new(:iface => "eth1" , :start => true)     
108.         capture_stream = loop {
109.             cap.stream.each{
110.                 |pkt| packet = PacketFu::Packet.parse(pkt)
111.                 #matches keyword and rest of message
112.                 if packet.is_icmp? and packet.ip_saddr = "192.168.1.2"
113.                     grab = Server.new(packet.payload)
114.                     message = grab.recieve_message
115.                     puts "\033[34m" + message + "\033[0m\n"
116.                 else nil
117.                 end
118.                 }
119.             }
120.     end
121. end
122. Client.new