
@Erreinion
Last active October 30, 2017 07:31
Firewall testing script using hping3
# Packet Grenade
# Feb 13, 2015
# Probe targets, one list per protocol. An empty list means no probes are
# sent for that protocol.
# A BLOCKED verdict only describes the firewall when the target is known to
# be up and answering on that port, so reference hosts you operate give the
# most trustworthy baseline.
set pinglist  {www.google.com www.facebook.com}
set httplist  {www.google.com www.facebook.com}
set httpslist {www.google.com www.facebook.com}
set ftplist   {}
set sshlist   {alt.org thebes.openshells.net}

# Protocol tags handed to isawake and pull_the_pin
set str_icmp  icmp
set str_http  http
set str_https https
set str_ftp   ftp
set str_ssh   ssh
# helper functions
# Return the saddr field of the ip layer of a captured packet, as reported
# by GetApdField.
proc GetIpSaddr {packet} {
    set value [GetApdField ip saddr $packet]
    return $value
}
# Return the code field of the icmp layer of a captured packet, as reported
# by GetApdField. Not called anywhere in this listing.
proc GetIcmpCode {packet} {
    set value [GetApdField icmp code $packet]
    return $value
}
# Return the sport (source port) field of the tcp layer of a captured
# packet, as reported by GetApdField.
proc GetTcpSport {packet} {
    set value [GetApdField tcp sport $packet]
    return $value
}
# Map a destination address to the name of the local interface used to
# reach it.
#
# addr - destination address, passed to "hping outifa"
#
# Returns element 0 (the name) of the first "hping iflist" entry whose
# element 1 equals the address "hping outifa" reports for addr.
# Raises an error when no entry matches.
proc outifname {addr} {
    set wanted [hping outifa $addr]
    foreach entry [hping iflist] {
        set candidate [lindex $entry 1]
        if {$wanted == $candidate} {
            return [lindex $entry 0]
        }
    }
    error "Unable to find the output interface name for $addr"
}
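# Send one crafted probe to addr and listen for a matching reply.
#
# addr - host name or address of the target (resolved with "hping resolve")
# prot - one of the protocol tags held in str_icmp, str_http, str_https,
#        str_ftp, str_ssh
#
# Returns 1 when a matching reply from addr is captured within ten polls of
# the outgoing interface, 0 otherwise. Raises an error for an unknown tag.
#
# NOTE(review): for TCP, any segment coming back from the probed port counts,
# including a RST. A filtering device that rejects with a reset sent in the
# target's name is therefore reported as reachable; check the flags of the
# reply if that distinction matters for the rule set under test.
proc isawake {addr prot} {
    # The tags are file-level variables; a proc body cannot read them
    # without this declaration.
    global str_icmp str_http str_https str_ftp str_ssh

    # Value used as the ICMP id and as the TCP source port of the probe.
    set probe_id 11111

    set addr [hping resolve $addr]
    set ifname [outifname $addr]
    set ifaddr [hping outifa $addr]

    # Start receiving on the interface that routes to the target before the
    # probe is sent. This was hard-coded to eth0 while the poll loop below
    # read from $ifname.
    hping recv $ifname 0

    set packet "ip(saddr=$ifaddr,daddr=$addr,ttl=64)"
    if {$prot eq $str_icmp} {
        set is_icmp 1
        # An echo request is type 8 with code 0; the non-zero code used
        # before is not a valid echo request.
        set payload "$packet+icmp(type=8,code=0,id=$probe_id)"
    } else {
        set is_icmp 0
        if {$prot eq $str_http} {
            set dport 80
        } elseif {$prot eq $str_https} {
            set dport 443
        } elseif {$prot eq $str_ftp} {
            set dport 21
        } elseif {$prot eq $str_ssh} {
            set dport 22
        } else {
            error "Unknown protocol \"$prot\""
        }
        set payload "$packet+tcp(sport=$probe_id,dport=$dport,flags=s)"
    }
    hping send $payload

    for {set i 0} {$i < 10} {incr i} {
        set packets [hping recv $ifname 100 0]
        foreach p $packets {
            if {[GetApdField ip saddr $p] != $addr} {
                continue
            }
            if {$is_icmp} {
                if {[GetApdField icmp id $p] == $probe_id} {
                    return 1
                }
            } elseif {([GetApdField tcp sport $p] == $dport) && ([GetApdField tcp dport $p] == $probe_id)} {
                # A reply swaps the ports of the probe: it comes from the
                # probed port and is addressed to the probe's source port.
                return 1
            }
        }
    }
    return 0
}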
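# Probe every target in targetlist over prot and print one verdict line per
# target: timestamp, [ALLOWED] / [BLOCKED] / [ERROR], target, protocol.
#
# targetlist - list of host names or addresses
# prot       - protocol tag understood by isawake
#
# A failure while probing one target (for example a name that does not
# resolve) is reported as [ERROR] and the run continues, so a single bad
# entry does not hide the results for the remaining targets.
proc pull_the_pin {targetlist prot} {
    foreach url $targetlist {
        set now [clock format [clock seconds]]
        if {[catch {isawake $url $prot} outcome]} {
            puts "$now \[ERROR\] $url via $prot: $outcome"
            continue
        }
        if {$outcome} {
            set verdict ALLOWED
        } else {
            set verdict BLOCKED
        }
        # The brackets are escaped: inside double quotes an unescaped
        # [ALLOWED] would be run as a command.
        puts "$now \[$verdict\] $url via $prot"
    }
}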
# Run every target list against its protocol, in the order
# icmp, http, https, ftp, ssh.
foreach {targets tag} [list \
        $pinglist  $str_icmp \
        $httplist  $str_http \
        $httpslist $str_https \
        $ftplist   $str_ftp \
        $sshlist   $str_ssh] {
    pull_the_pin $targets $tag
}