- #!/usr/bin/ruby
- # This program was made by mr_hai of the Evilzone.org/Hacktalk.net community
- # This program is free to use and distribute so long as you keep my name on it, I'd like to ask you to provide
- # me with any modifications you make to the code so I may implement them, YOU WILL BE CREDITED.
- #TODO: scan for and implement proper IP addresses from the local subnet
- # implement length checking, for the moment just keep it to less than 50 chars per message
- # I'm new to this and I'm learning as I go. I have noticed a pattern emerging as I experiment with length checking on the
- # encrypted and unencrypted string and I expect to have a good limiter in place soon.
- #USE: This program is a small chat client/server using ICMP packets to relay the data and AES-256-CBC to encrypt so your
- # communications cannot be monitored. Before use, please change the $key and $iv values, as well as set the name.
- # This works on the principle that in a bridged LAN or wireless LAN you can send a packet and expect it to be seen by everyone
- # with their eyes open... it doesn't matter if the protocol is filtered because this is all behind the router
- #
- #BUILD THE PACKET AND SEND IT
- #as the creator of this code I declare the use of these libraries
- require 'socket'
- require 'openssl'
- require 'packetfu'
- #as the creator of this code I declare these globals
- $key = "qwertyuiopasdfghjklzxcvbnmqwerty"
- #AES-CBC takes a 16-byte IV (one cipher block); current Ruby OpenSSL raises ArgumentError for any other length
- $iv = "qwertyuiopasdfgh"
- $iface = "eth1"
- $name = "mr_hai"
- $sniff = true
- #message character length limit, the maximum size of an ICMP packet is 1500 bytes I think.
- $char_limit = 128
- $host_list = Array.new
- #as the creator of this code I declare the creation of a class that encrypts strings
- class Encryption
- def initialize (string)
- @string = string
- end
- #encrypts
- def encrypt_payload
- cipher = OpenSSL::Cipher.new('aes-256-cbc')
- cipher.encrypt
- cipher.key = $key
- cipher.iv = $iv
- cipher.update(@string) + cipher.final
- end
- #decrypts
- def decrypt_payload
- cipher = OpenSSL::Cipher.new('aes-256-cbc')
- cipher.decrypt
- cipher.key = $key
- cipher.iv = $iv
- cipher.update(@string) + cipher.final
- end
- end
- class Net_functions
- def initialize(pkt)
- @pkt_info = pkt
- #make a list of the ips in here
- iplist = "CSV,here"
- dest_ip = iplist.split(",")
- end
- #need to modify the regex to filter out non-private ip's, currently it only matches the range and does not validate.
- def network_class(ip)
- if ip.match(/(192\.168\.[0-9]+\.[0-9]+)/)
- $host_list << ip
- host_ip = ip
- elsif ip.match(/(172\.[0-9]+\.[0-9]+\.[0-9]+)/)
- $host_list << ip
- host_ip = ip
- elsif ip.match(/(10\.[0-9]+\.[0-9]+\.[0-9]+)/)
- $host_list << ip
- host_ip = ip
- else ip = nil
- end
- end
- #makes a list of all the hosts on the network in an array, then takes one and assigns it to the outgoing packet... also assigns
- #a destination address from one of an array of often used IPs (google, yahoo, wikipedia etc..)
- def assign_ip_saddr_daddr
- source = network_class(pkt_info.ip_saddr).ip
- dest = dest_ip[rand(dest_ip.size)]
- end
- #determines if the packet is an encrypted message
- #if the network doesn't allow ICMP, change to type 3 code 13, that's the code for "administratively prohibited".
- #mimic real traffic to lower your visibility, this can't be blocked but it can be recognized.
- #I'm working on a separate library to work with IP address parsing and I'm going to use part of it on this eventually
- #so you won't have to modify the code to choose an IP
- def build_ICMP_packet(bloop)
- icmp_packet = PacketFu::ICMPPacket.new
- icmp_packet.icmp_type = 3
- icmp_packet.icmp_code = 13
- icmp_packet.payload = bloop
- # sniff, store as var, retrieve one of a list?
- icmp_packet.ip_saddr= assign_ip_saddr_daddr.source
- icmp_packet.ip_daddr= assign_ip_saddr_daddr.dest
- icmp_packet.recalc
- icmp_packet.to_w($iface)
- end
- end
- #instances of the server call the encryption functions and validate/manufacture/inject the packet
- class Server
- def initialize (whole_pkt, message)
- @message = message
- @pkt = whole_pkt
- if is_packet_message?
- else
- end
- end
- #booleans anyone? Kills Server instance if this returns a false.
- def is_packet_message?
- if @pkt.payload.length > 32
- return true
- else return false
- end
- end
- #speaks for itself
- def send_message
- outgoing = Encryption.new(@message)
- encrypted_string = outgoing.encrypt_payload
- build_ICMP_packet(encrypted_string)
- end
- #ditto
- def recieve_message
- incomming = Encryption.new(@message)
- incomming.decrypt_payload
- end
- end
- class Client
- def initialize
- #forks the sniffer
- matey = fork do
- Signal.trap('HUP', 'IGNORE')
- Process.setsid
- packet_stream #starts the sniffer
- end
- Process.detach(matey)
- #starts the cli
- cli
- end
- def cli
- while $sniff == true do
- input = gets.chomp
- message = $name + "=> " + input
- if message.length > $char_limit
- puts "message too long, the limit is " + $char_limit.to_s + " characters"
- else send = Server.new(message)
- send.send_message
- end
- end
- end
- def packet_stream
- cap = PacketFu::Capture.new(:iface => $iface , :start => true)
- capture_stream = loop {
- cap.stream.each{
- |pkt| packet = PacketFu::Packet.parse(pkt)
- #matches keyword and rest of message
- if packet.is_icmp? and packet.ip_saddr == "192.168.1.2"
- grab = Server.new(packet, packet.payload)
- message = grab.recieve_message
- puts "\033[34m" + message + "\033[0m\n"
- else nil
- end
- }
- }
- end
- end
- Client.new
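Added example, not part of the original paste: the Encryption class uses one fixed $key and $iv for every message, so under AES-256-CBC two messages that begin with the same 16-byte blocks produce the same leading ciphertext blocks, and nothing authenticates the ciphertext. The code below measures that and shows an AES-256-GCM variant with a fresh nonce per message; the function names, the nonce|tag|ciphertext layout and the sample messages are assumptions made here.

```ruby
require 'openssl'

# Constructed sample values: the key mirrors the paste's placeholder and the
# IV is its first 16 bytes (the AES block size).
KEY = 'qwertyuiopasdfghjklzxcvbnmqwerty'
STATIC_IV = KEY[0, 16]

# The paste's scheme: AES-256-CBC with the same key and IV for every message.
def cbc_static_encrypt(plaintext)
  cipher = OpenSSL::Cipher.new('aes-256-cbc')
  cipher.encrypt
  cipher.key = KEY
  cipher.iv = STATIC_IV
  cipher.update(plaintext) + cipher.final
end

# Number of leading 16-byte blocks two ciphertexts have in common. With a
# fixed IV this equals the number of leading plaintext blocks the messages
# share, which an observer learns without the key.
def shared_prefix_blocks(ct_a, ct_b)
  a = ct_a.bytes.each_slice(16).to_a
  b = ct_b.bytes.each_slice(16).to_a
  a.zip(b).take_while { |x, y| x == y }.size
end

# Hardened form: AES-256-GCM, random nonce per message, authentication tag.
# Assumed wire layout: nonce (12 bytes) | tag (16 bytes) | ciphertext.
def gcm_encrypt(plaintext)
  cipher = OpenSSL::Cipher.new('aes-256-gcm')
  cipher.encrypt
  cipher.key = KEY
  nonce = cipher.random_iv
  ct = cipher.update(plaintext) + cipher.final
  nonce + cipher.auth_tag + ct
end

def gcm_decrypt(blob)
  cipher = OpenSSL::Cipher.new('aes-256-gcm')
  cipher.decrypt
  cipher.key = KEY
  cipher.iv = blob[0, 12]
  cipher.auth_tag = blob[12, 16]
  # final raises OpenSSL::Cipher::CipherError if the blob was modified
  cipher.update(blob[28..-1]) + cipher.final
end
```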
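Added example, not part of the original paste: the comments say type 3 code 13 traffic "can be recognized". RFC 792 has a Destination Unreachable message quote the IPv4 header plus 8 bytes of the datagram that triggered it, so a monitor can check whether that quoted header is present and well formed. Function names and sample bytes are constructed here, and the opaque sample assumes the payload sits directly after the ICMP checksum field.

```ruby
# One's-complement sum of 16-bit words (RFC 1071). A header whose checksum
# field is correct sums to 0xffff.
def ones_sum(bytes)
  sum = bytes.unpack('n*').sum
  sum = (sum & 0xffff) + (sum >> 16) while sum > 0xffff
  sum
end

# True when +quoted+ starts with a well-formed IPv4 header followed by at
# least 8 bytes of the original datagram, as RFC 792 specifies for type 3.
def embedded_ipv4_header?(quoted)
  return false if quoted.bytesize < 28
  first = quoted.getbyte(0)
  ihl = (first & 0x0f) * 4
  return false unless first >> 4 == 4 && ihl >= 20 && quoted.bytesize >= ihl + 8
  ones_sum(quoted[0, ihl]) == 0xffff
end

# +msg+ is the raw ICMP message starting at the type byte.
def classify_icmp(msg)
  return :malformed if msg.bytesize < 8
  return :not_unreachable unless msg.getbyte(0) == 3
  embedded_ipv4_header?(msg[8..-1]) ? :plausible : :suspicious
end

# --- constructed sample data (not captured traffic) ---
def sample_ipv4_header
  h = [0x45, 0, 60, 0x1c46, 0x4000, 64, 6, 0, 0xc0a80102, 0x0a000001].pack('CCnnnCCnNN')
  h[10, 2] = [0xffff - ones_sum(h)].pack('n')
  h
end

# Genuine shape: type 3, code 13, checksum (left 0 here), 4 unused bytes, quoted header + 8 bytes.
GENUINE = [3, 13, 0, 0].pack('CCnN') + sample_ipv4_header + [1234, 80, 1].pack('nnN')
# Shape the paste produces: opaque bytes (stand-in for ciphertext) after the checksum.
OPAQUE = [3, 13, 0].pack('CCn') + (0...48).map { |i| (i * 37 + 11) % 256 }.pack('C*')
ECHO = [8, 0, 0, 1, 1].pack('CCnnn') + 'abcdefgh'
```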