Untitled

a guest
Jun 10th, 2017
#!/usr/bin/ruby
# This program was made by mr_hai of the Evilzone.org/Hacktalk.net community
# This program is free to use and distribute so long as you keep my name on it, I'd like to ask you to provide
# me with any modifications you make to the code so I may implement them, YOU WILL BE CREDITED.
#TODO:  scan for and implement proper IP addresses from the local subnet
#       implement length checking, for the moment just keep it to less than 50 chars per message
#       I'm new to this and I'm learning as I go. I have noticed a pattern emerging as I experiment with length checking on the
#       encrypted and unencrypted string and I expect to have a good limiter in place soon.

#USE:   This program is a small chat client/server using ICMP packets to relay the data and AES-256-CBC to encrypt so your
#       communications cannot be monitored. Before use, please change the $key and $iv values, as well as set the name.
#       This works on the principle that in a bridged LAN or wireless LAN you can send a packet and expect it to be seen by everyone
#       with their eyes open... it doesn't matter if the protocol is filtered because this is all behind the router
#

#BUILD THE PACKET AND SEND IT


#as the creator of this code I declare the use of these libraries
require 'socket'
require 'openssl'
require 'packetfu'
#as the creator of this code I declare these globals
$key = "qwertyuiopasdfghjklzxcvbnmqwerty"
#AES uses a 16-byte block, so the CBC IV must be exactly 16 bytes (the 32-byte value is rejected by current OpenSSL bindings)
$iv = "qwertyuiopasdfgh"
$iface = "eth1"
$name = "mr_hai"
$sniff = true
#message character length limit, the maximum size of an ICMP packet is 1500 bytes I think.
$char_limit = 128
$host_list = Array.new

#as the creator of this code I declare the creation of a class that encrypts strings
#NOTE: one fixed key and IV for every message means equal plaintext prefixes give equal ciphertext blocks,
#      and CBC on its own does not detect a modified ciphertext.
class Encryption
    def initialize(string)
        @string = string
    end
    #encrypts
    def encrypt_payload
        cipher = OpenSSL::Cipher.new('aes-256-cbc')
        cipher.encrypt
        cipher.key = $key
        cipher.iv = $iv
        cipher.update(@string) + cipher.final
    end
    #decrypts
    def decrypt_payload
        cipher = OpenSSL::Cipher.new('aes-256-cbc')
        cipher.decrypt
        cipher.key = $key
        cipher.iv = $iv
        cipher.update(@string) + cipher.final
    end
end



class Net_functions

    def initialize(pkt)
        @pkt_info = pkt
        #make a list of the ips in here (placeholder value from the original, replace before use)
        iplist = "CSV,here"
        @dest_ip = iplist.split(",")
    end

    #need to modify the regex to filter out non-private ip's, currently it only matches the range and does not validate.
    #returns the ip when it matches one of the ranges, nil otherwise
    def network_class(ip)
        if ip.match(/(192\.168\.[0-9]+\.[0-9]+)/) ||
           ip.match(/(172\.[0-9]+\.[0-9]+\.[0-9]+)/) ||
           ip.match(/(10\.[0-9]+\.[0-9]+\.[0-9]+)/)
            $host_list << ip
            ip
        end
    end
    #makes a list of all the hosts on the network in an array, then takes one and assigns it to the outgoing packet... also assigns
    #a destination address from one of an array of often used IP's (google, yahoo, wikipedia etc..)
    #returns [source, dest]; source is nil when there is no sniffed packet to take it from (sending from the cli)
    def assign_ip_saddr_daddr
        source      = @pkt_info ? network_class(@pkt_info.ip_saddr) : nil
        dest        = @dest_ip[rand(@dest_ip.size)]
        [source, dest]
    end
    #determines if the packet is an encrypted message

    #if the network doesn't allow ICMP change to type 3 code 13, that's the code for "administratively prohibited".
    #mimic real traffic to lower your visibility, this can't be blocked but it can be recognized.
    #I'm working on a separate library to work with IP address parsing and I'm going to use part of it on this eventually
    #so you won't have to modify the code to choose an ip
    def build_ICMP_packet(bloop)
        icmp_packet = PacketFu::ICMPPacket.new
        icmp_packet.icmp_type = 3
        icmp_packet.icmp_code = 13
        icmp_packet.payload = bloop
        # sniff, store as var, retrieve one of a list?
        source, dest = assign_ip_saddr_daddr
        icmp_packet.ip_saddr = source if source
        icmp_packet.ip_daddr = dest
        icmp_packet.recalc
        icmp_packet.to_w($iface)
    end
end



#instances of the server call the encryption functions and validate/manufacture/inject the packet
class Server
    def initialize(whole_pkt, message)
        @message = message
        @pkt = whole_pkt
    end
    #booleans anyone? A missing packet (sending from the cli) or a short payload is not a chat message.
    def is_packet_message?
        !@pkt.nil? && @pkt.payload.length > 32
    end
    #speaks for itself
    def send_message
        outgoing = Encryption.new(@message)
        encrypted_string = outgoing.encrypt_payload
        Net_functions.new(@pkt).build_ICMP_packet(encrypted_string)
    end
    #ditto
    def recieve_message
        incomming = Encryption.new(@message)
        incomming.decrypt_payload
    rescue OpenSSL::Cipher::CipherError
        #ordinary ICMP traffic does not decrypt with our key, so it is not a chat message
        nil
    end

end



class Client
    def initialize
        #forks the sniffer
        matey = fork do
            Signal.trap('HUP', 'IGNORE')
            Process.setsid
            packet_stream #starts the sniffer
        end
        Process.detach(matey)
        #starts the cli
        cli
    end

    def cli
        while $sniff == true do
            input = gets.chomp
            message = $name + "=> " + input
            if message.length > $char_limit
                puts "message too long, the limit is " + $char_limit.to_s + " characters"
            else
                outgoing = Server.new(nil, message)
                outgoing.send_message
            end
        end
    end

    def packet_stream
        cap = PacketFu::Capture.new(:iface => $iface, :start => true)
        loop {
            cap.stream.each { |pkt|
                packet = PacketFu::Packet.parse(pkt)
                #only ICMP from the expected sender is treated as a possible message
                if packet.is_icmp? && packet.ip_saddr == "192.168.1.2"
                    grab = Server.new(packet, packet.payload)
                    message = grab.recieve_message
                    puts "\033[34m" + message + "\033[0m\n" if message
                end
            }
        }
    end
end

Client.new
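
For detection: the client above emits ICMP type 3, code 13 with its payload written directly after the checksum, whereas a genuine destination-unreachable message quotes the offending IPv4 header plus 8 bytes of its data. The Ruby check below is an added example, not part of the original paste; classify_unreachable, the two sample builders and both packets are constructed here for illustration.

```ruby
# Added detection example, not from the original paste. All packets are constructed samples.

# Fold a list of 16-bit words into a one's-complement sum.
def ones_complement_sum(words)
  sum = words.sum
  sum = (sum & 0xffff) + (sum >> 16) while sum > 0xffff
  sum
end

# icmp: raw ICMP message bytes, starting at the type field.
# Returns nil for anything other than type 3, :ok for a plausible quoted
# datagram, or a symbol naming why the message looks wrong.
def classify_unreachable(icmp)
  icmp = icmp.b
  return nil unless icmp.bytesize >= 4 && icmp.getbyte(0) == 3
  quoted = icmp.byteslice(8, icmp.bytesize) || ''.b
  return :too_short if quoted.bytesize < 28 # 20-byte IPv4 header + 8 data bytes
  version = quoted.getbyte(0) >> 4
  ihl = (quoted.getbyte(0) & 0x0f) * 4
  return :not_ipv4_quote if version != 4 || ihl < 20 || quoted.bytesize < ihl + 8
  # A correct IPv4 header, checksum field included, sums to 0xffff.
  header_words = quoted.byteslice(0, ihl).unpack('n*')
  return :bad_quoted_checksum unless ones_complement_sum(header_words) == 0xffff
  :ok
end

# Constructed sample 1: a router-style unreachable quoting a TCP datagram.
def sample_genuine
  words = [0x4500, 0x003c, 0x1c46, 0x4000, 0x4006, 0] +
          [10, 0, 0, 5, 10, 0, 0, 9].pack('C*').unpack('n*')
  words[5] = ~ones_complement_sum(words) & 0xffff
  [3, 13, 0, 0].pack('CCnN') + words.pack('n*') + [51_000, 443, 1].pack('nnN')
end

# Constructed sample 2: type 3 / code 13 with an opaque 48-byte body placed
# directly after the checksum, standing in for the paste's ciphertext payload.
def sample_opaque
  [3, 13, 0].pack('CCn') + (0...48).map { |i| (i * 37 + 11) & 0xff }.pack('C*')
end

if __FILE__ == $PROGRAM_NAME
  { 'genuine' => sample_genuine, 'opaque' => sample_opaque }.each do |name, pkt|
    puts "#{name}: #{classify_unreachable(pkt).inspect}"
  end
end
```

This is a heuristic on the quoted datagram only; it does not verify the outer ICMP checksum.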