#!/usr/bin/ruby# This program wass made by mr_hai of the Evilzone.org/Hacktalk

1. #!/usr/bin/ruby
2. # This program wass made by mr_hai of the Evilzone.org/Hacktalk.net community
3. # This program is free to use and distribute so long as you keep my name on it, I'd like to ask you to provide
4. # me with any modifications you make to the code so I may implement them, YOU WILL BE CREDITED.
5. #TODO:  scan for and implement proper IP addressses from the local subnet
6. #       implement length checking, for the moment just keep it to less than 50 chars per message
7. #       I'm new to this and I'm learning as i go. I have noticed a pattern emerging as I experiemnt with length checking on the
8. #       encrypted and unencrypted string and I expect to have a good limiter in place soon.
9.  
10. #USE:   This program is a small chat client/server using ICMP packets to relay the data and AES-256-CBC to encrypt so your
11. #       communications cannot be monitored. Before use, please change the $key and $iv values, as well as set the name.
12. #       This works on the principle that in a bridged LAN or wireless LAN you can send a packet and expect it to be seen by everyone
13. #       with their eyes open... it doesnt matter if the protocol is filtered because this is all behind the router
14. #      
15.  
16. #BUILD THE PACKET AND SEND IT
17.  
18.  
19.  
20. #as the creator of this code i declare the use of these libraries
21. require 'socket'
22. require 'openssl'
23. require 'packetfu'
24. #as the creator of this code i declare these globals
25. $key = "qwertyuiopasdfghjklzxcvbnmqwerty"
26. $iv = "qwertyuiopasdfghjklzxcvbnmqwerty"
27. $iface = "eth1"
28. $name = "mr_hai"
29. $sniff = 1
30.  
31.  
32.  
33. #as the creator of this code i declare the creation of a class that encrpyts strings
34. class Encryption
35.     def initialize (string)
36.         @string = string
37.     end
38.     #decrypts
39.     def encrypt_payload
40.         cipher = OpenSSL::Cipher::Cipher.new('aes-256-cbc')
41.         cipher.encrypt
42.         cipher.key = $key
43.         cipher.iv = $iv
44.         cipher.update(@string) + cipher.final
45.        
46.     end
47.     #encrypts
48.     def decrypt_payload
49.         cipher = OpenSSL::Cipher::Cipher.new('aes-256-cbc')
50.         cipher.decrypt
51.         cipher.key = $key
52.         cipher.iv = $iv
53.         cipher.update(@string) + cipher.final
54.     end
55. end
56.  
57.  
58.  
59. class Net_functions
60.     #takes IP as an argument to determine the private network class and returns class as a string and assigns IP to @host_ip
61.     #need to modify the regex to filter out non-private ip's, currently it only matches the range and does not validate.
62.     #example
63.     #       network_class(packet.ip_daddr OR packet.ip_saddr)
64.     def network_class(ip)
65.         if ip.match(/(192\.168\.[0-9]+\.[0-9]+)/)
66.             @net_class = "class c" and @host_ip = ip
67.         elsif ip.match(/(172\.[0-9]+\.[0-9]+\.[0-9]+)/)
68.             @net_class = "class b" and @host_ip = ip
69.         elsif ip.match(/(10\.[0-9]+\.[0-9]+\.[0-9]+)/)
70.             @net_class = "class a" and @host_ip = ip
71.         else @net_class = false
72.         end
73.     end
74.     #if the network doesnt allow ICMP change to type 3 code 13, thats the code for "administrativley prohibited"    .
75.     #mimic real traffic to lower your visibility, this cant be blocked but it can be recognized.
76.     #im working on a seperate library to work with IP address parsing and im going to use part of it on this eventually
77.     #so you wont have to modify the code the choose an ip
78.     def build_ICMP_packet(bloop)
79.         icmp_packet = PacketFu::ICMPPacket.new
80.         icmp_packet.icmp_type = 3
81.         icmp_packet.icmp_code = 13
82.         icmp_packet.payload = bloop
83.         # sniff, store as var, retrive one of a list?
84.         icmp_packet.ip_saddr= assign_ip_saddr
85.         icmp_packet.ip_daddr= assign_ip_daddr
86.         icmp_packet.recalc
87.         icmp_packet.to_w($iface)   
88.     end
89. end
90.  
91.  
92.  
93. #instances of the server call the encryption functions and manufacture/inject the packet
94. class Server
95.     def initialize (message)
96.         @message = message     
97.     end
98. #speaks for itself
99.     def send_message
100.         outgoing = Encryption.new(@message)
101.         encrypted_string = outgoing.encrypt_payload
102.         build_ICMP_packet(encrypted_string)
103.     end
104. #ditto
105.     def recieve_message
106.         incomming = Encryption.new(@message)
107.         incomming.decrypt_payload
108.     end
109.  
110. end
111.  
112.  
113.  
114. class Client
115.     def initialize
116.     #forks the sniffer
117.     matey = fork do
118.             Signal.trap('HUP', 'IGNORE')
119.             Process.setsid
120.             packet_stream #starts the sniffer
121.             end
122.         Process.detach(matey)
123. #starts the cli
124.         cli
125.     end
126.    
127.     def cli
128.         while $sniff == 1 do
129.             input = gets.chomp
130.                 message = $name + "=> " + input
131.                 send = Server.new(message)
132.                 send.send_message
133.         end
134.     end
135.    
136.     def packet_stream
137.         cap = PacketFu::Capture.new(:iface => "eth1" , :start => true)     
138.         capture_stream = loop {
139.             cap.stream.each{
140.                 |pkt| packet = PacketFu::Packet.parse(pkt)
141.                 #matches keyword and rest of message
142.                 if packet.is_icmp? and packet.ip_saddr = "192.168.1.2"
143.                     grab = Server.new(packet.payload)
144.                     message = grab.recieve_message
145.                     puts "\033[34m" + message + "\033[0m\n"
146.                 else nil
147.                 end
148.                 }
149.             }
150.     end
151. end
152. Client.new