bettercap: github.com/bettercap/bettercap/packets Index | Files

package packets

import "github.com/bettercap/bettercap/packets"

Package packets contains structure declarations for network packets and the main packets queue.

Index

Package Files

arp.go dhcp6.go dhcp6_layer.go doc.go dot11.go dot11_types.go krb5.go mdns.go mysql.go nbns.go ntlm.go queue.go serialize.go tcp.go udp.go upnp.go wsd.go

Constants

const (
    Krb5AsRequestType         = 10
    Krb5Krb5PrincipalNameType = 1
    Krb5CryptDesCbcMd4        = 2
    Krb5CryptDescCbcMd5       = 3
    Krb5CryptRc4Hmac          = 23
)
const (
    NBNSPort        = 137
    NBNSMinRespSize = 73
)
const (
    NTLM_SIG_OFFSET  = 0
    NTLM_TYPE_OFFSET = 8

    NTLM_TYPE1_FLAGS_OFFSET   = 12
    NTLM_TYPE1_DOMAIN_OFFSET  = 16
    NTLM_TYPE1_WORKSTN_OFFSET = 24
    NTLM_TYPE1_DATA_OFFSET    = 32
    NTLM_TYPE1_MINSIZE        = 16

    NTLM_TYPE2_TARGET_OFFSET     = 12
    NTLM_TYPE2_FLAGS_OFFSET      = 20
    NTLM_TYPE2_CHALLENGE_OFFSET  = 24
    NTLM_TYPE2_CONTEXT_OFFSET    = 32
    NTLM_TYPE2_TARGETINFO_OFFSET = 40
    NTLM_TYPE2_DATA_OFFSET       = 48
    NTLM_TYPE2_MINSIZE           = 32

    NTLM_TYPE3_LMRESP_OFFSET     = 12
    NTLM_TYPE3_NTRESP_OFFSET     = 20
    NTLM_TYPE3_DOMAIN_OFFSET     = 28
    NTLM_TYPE3_USER_OFFSET       = 36
    NTLM_TYPE3_WORKSTN_OFFSET    = 44
    NTLM_TYPE3_SESSIONKEY_OFFSET = 52
    NTLM_TYPE3_FLAGS_OFFSET      = 60
    NTLM_TYPE3_DATA_OFFSET       = 64
    NTLM_TYPE3_MINSIZE           = 52

    NTLM_BUFFER_LEN_OFFSET    = 0
    NTLM_BUFFER_MAXLEN_OFFSET = 2
    NTLM_BUFFER_OFFSET_OFFSET = 4
    NTLM_BUFFER_SIZE          = 8

    NtlmV1 = 1
    NtlmV2 = 2
)
const DHCP6OptClientFQDN = 39
const DHCP6OptDNSDomains = 24
const DHCP6OptDNSServers = 23
const IPv6Prefix = "fe80::"

link-local

const MDNSPort = 5353
const (
    UPNPPort = 1900
)
const (
    WSDPort = 3702
)

Variables

var (
    ErrNoCrypt  = errors.New("No crypt alg found")
    ErrReqData  = errors.New("Failed to extract pnData from as-req")
    ErrNoCipher = errors.New("No encryption type or cipher found")

    Krb5AsReqParam = "application,explicit,tag:10"
)
var (
    MDNSDestMac = net.HardwareAddr{0x01, 0x00, 0x5e, 0x00, 0x00, 0xfb}
    MDNSDestIP  = net.ParseIP("224.0.0.251")
)
var (
    MySQLGreeting = []byte{
        0x5b, 0x00, 0x00, 0x00, 0x0a, 0x35, 0x2e, 0x36,
        0x2e, 0x32, 0x38, 0x2d, 0x30, 0x75, 0x62, 0x75,
        0x6e, 0x74, 0x75, 0x30, 0x2e, 0x31, 0x34, 0x2e,
        0x30, 0x34, 0x2e, 0x31, 0x00, 0x2d, 0x00, 0x00,
        0x00, 0x40, 0x3f, 0x59, 0x26, 0x4b, 0x2b, 0x34,
        0x60, 0x00, 0xff, 0xf7, 0x08, 0x02, 0x00, 0x7f,
        0x80, 0x15, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x68, 0x69, 0x59, 0x5f,
        0x52, 0x5f, 0x63, 0x55, 0x60, 0x64, 0x53, 0x52,
        0x00, 0x6d, 0x79, 0x73, 0x71, 0x6c, 0x5f, 0x6e,
        0x61, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x70, 0x61,
        0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x00,
    }
    MySQLFirstResponseOK = []byte{
        0x07, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x02,
        0x00, 0x00, 0x00,
    }
    MySQLSecondResponseOK = []byte{
        0x07, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, 0x02,
        0x00, 0x00, 0x00,
    }
)
var (
    UPNPDestMac          = net.HardwareAddr{0x01, 0x00, 0x5e, 0x00, 0x00, 0xfb}
    UPNPDestIP           = net.ParseIP("239.255.255.250")
    UPNPDiscoveryPayload = []byte("M-SEARCH * HTTP/1.1\r\n" +
        fmt.Sprintf("Host: %s:%d\r\n", UPNPDestIP, UPNPPort) +
        "Man: ssdp:discover\r\n" +
        "ST: ssdp:all\r\n" +
        "MX: 2\r\n" +
        "\r\n")
)
var (
    WSDDestIP           = net.ParseIP("239.255.255.250")
    WSDDiscoveryPayload = []byte("<?xml version=\"1.0\" encoding=\"utf-8\" ?>" +
        "<soap:Envelope" +
        " xmlns:soap=\"http://www.w3.org/2003/05/soap-envelope\"" +
        " xmlns:wsa=\"http://schemas.xmlsoap.org/ws/2004/08/addressing\"" +
        " xmlns:wsd=\"http://schemas.xmlsoap.org/ws/2005/04/discovery\"" +
        " xmlns:wsdp=\"http://schemas.xmlsoap.org/ws/2006/02/devprof\">" +
        "<soap:Header>" +
        "<wsa:To>urn:schemas-xmlsoap-org:ws:2005:04:discovery</wsa:To>" +
        "<wsa:Action>http://schemas.xmlsoap.org/ws/2005/04/discovery/Probe</wsa:Action>" +
        "<wsa:MessageID>urn:uuid:05a0036e-dcc8-4db8-98b6-0ceeee60a6d9</wsa:MessageID>" +
        "</soap:Header>" +
        "<soap:Body>" +
        "<wsd:Probe/>" +
        "</soap:Body>" +
        "</env:Envelope>")
)
var (
    ErrNoCID = errors.New("Unexpected DHCPv6 packet, could not find client id.")
)
var (
    // NBNS hostname resolution request buffer.
    NBNSRequest = []byte{
        0x82, 0x28, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0,
        0x0, 0x0, 0x20, 0x43, 0x4B, 0x41, 0x41, 0x41, 0x41,
        0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
        0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
        0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x0,
        0x0, 0x21, 0x0, 0x1,
    }
)
var SerializationOptions = gopacket.SerializeOptions{
    FixLengths:       true,
    ComputeChecksums: true,
}

func DHCP6EncodeList Uses

func DHCP6EncodeList(elements []string) (encoded []byte)

func DHCP6For Uses

func DHCP6For(what dhcp6.MessageType, to dhcp6.Packet, duid []byte) (err error, p dhcp6.Packet)

func Dot11Info Uses

func Dot11Info(id layers.Dot11InformationElementID, info []byte) *layers.Dot11InformationElement

func Dot11InformationElementIDDSSetDecode Uses

func Dot11InformationElementIDDSSetDecode(buf []byte) (channel int, err error)

func Dot11IsDataFor Uses

func Dot11IsDataFor(dot11 *layers.Dot11, station net.HardwareAddr) bool

func Dot11Parse Uses

func Dot11Parse(packet gopacket.Packet) (ok bool, radiotap *layers.RadioTap, dot11 *layers.Dot11)

func Dot11ParseDSSet Uses

func Dot11ParseDSSet(packet gopacket.Packet) (bool, int)

func Dot11ParseEncryption Uses

func Dot11ParseEncryption(packet gopacket.Packet, dot11 *layers.Dot11) (bool, string, string, string)

func Dot11ParseIDSSID Uses

func Dot11ParseIDSSID(packet gopacket.Packet) (bool, string)

func MDNSGetMeta Uses

func MDNSGetMeta(pkt gopacket.Packet) map[string]string

func MySQLGetFile Uses

func MySQLGetFile(infile string) []byte

func NBNSGetMeta Uses

func NBNSGetMeta(pkt gopacket.Packet) map[string]string

func NewARP Uses

func NewARP(from net.IP, from_hw net.HardwareAddr, to net.IP, req uint16) (layers.Ethernet, layers.ARP)

func NewARPReply Uses

func NewARPReply(from net.IP, from_hw net.HardwareAddr, to net.IP, to_hw net.HardwareAddr) (error, []byte)

func NewARPRequest Uses

func NewARPRequest(from net.IP, from_hw net.HardwareAddr, to net.IP) (error, []byte)

func NewARPTo Uses

func NewARPTo(from net.IP, from_hw net.HardwareAddr, to net.IP, to_hw net.HardwareAddr, req uint16) (layers.Ethernet, layers.ARP)

func NewDot11Beacon Uses

func NewDot11Beacon(conf Dot11ApConfig, seq uint16) (error, []byte)

func NewDot11Deauth Uses

func NewDot11Deauth(a1 net.HardwareAddr, a2 net.HardwareAddr, a3 net.HardwareAddr, seq uint16) (error, []byte)

func NewMDNSProbe Uses

func NewMDNSProbe(from net.IP, from_hw net.HardwareAddr) (error, []byte)

func NewTCPSyn Uses

func NewTCPSyn(from net.IP, from_hw net.HardwareAddr, to net.IP, to_hw net.HardwareAddr, srcPort int, dstPort int) (error, []byte)

func NewUDPProbe Uses

func NewUDPProbe(from net.IP, from_hw net.HardwareAddr, to net.IP, port int) (error, []byte)

func Serialize Uses

func Serialize(layers ...gopacket.SerializableLayer) (error, []byte)

func UPNPGetMeta Uses

func UPNPGetMeta(pkt gopacket.Packet) map[string]string

type Activity Uses

type Activity struct {
    IP     net.IP
    MAC    net.HardwareAddr
    Meta   map[string]string
    Source bool
}

type AuthSuite Uses

type AuthSuite struct {
    OUI  []byte // 3 bytes
    Type Dot11AuthType
}

type AuthSuiteSelector Uses

type AuthSuiteSelector struct {
    Count  uint16
    Suites []AuthSuite
}

type CipherSuite Uses

type CipherSuite struct {
    OUI  []byte // 3 bytes
    Type Dot11CipherType
}

type CipherSuiteSelector Uses

type CipherSuiteSelector struct {
    Count  uint16
    Suites []CipherSuite
}

type DHCPv6Layer Uses

type DHCPv6Layer struct {
    Raw []byte
}

func (*DHCPv6Layer) LayerType Uses

func (l *DHCPv6Layer) LayerType() gopacket.LayerType

func (DHCPv6Layer) SerializeTo Uses

func (l DHCPv6Layer) SerializeTo(b gopacket.SerializeBuffer, opts gopacket.SerializeOptions) error

type Dot11ApConfig Uses

type Dot11ApConfig struct {
    SSID       string
    BSSID      net.HardwareAddr
    Channel    int
    Encryption bool
}

type Dot11AuthType Uses

type Dot11AuthType uint8
const (
    Dot11AuthMgt Dot11AuthType = 1
    Dot11AuthPsk Dot11AuthType = 2
)

func (Dot11AuthType) String Uses

func (a Dot11AuthType) String() string

type Dot11CipherType Uses

type Dot11CipherType uint8
const (
    Dot11CipherWep    Dot11CipherType = 1
    Dot11CipherTkip   Dot11CipherType = 2
    Dot11CipherWrap   Dot11CipherType = 3
    Dot11CipherCcmp   Dot11CipherType = 4
    Dot11CipherWep104 Dot11CipherType = 5
)

func (Dot11CipherType) String Uses

func (a Dot11CipherType) String() string

type Krb5Address Uses

type Krb5Address struct {
    AddrType    int    `asn1:"explicit,tag:0"`
    Krb5Address []byte `asn1:"explicit,tag:1"`
}

type Krb5EncryptedData Uses

type Krb5EncryptedData struct {
    Etype  int    `asn1:"explicit,tag:0"`
    Kvno   int    `asn1:"optional,explicit,tag:1"`
    Cipher []byte `asn1:"explicit,tag:2"`
}

type Krb5PnData Uses

type Krb5PnData struct {
    Krb5PnDataType  int    `asn1:"explicit,tag:1"`
    Krb5PnDataValue []byte `asn1:"explicit,tag:2"`
}

type Krb5PrincipalName Uses

type Krb5PrincipalName struct {
    NameType   int      `asn1:"explicit,tag:0"`
    NameString []string `asn1:"general,explicit,tag:1"`
}

type Krb5ReqBody Uses

type Krb5ReqBody struct {
    KDCOptions            asn1.BitString    `asn1:"explicit,tag:0"`
    Cname                 Krb5PrincipalName `asn1:"optional,explicit,tag:1"`
    Realm                 string            `asn1:"general,explicit,tag:2"`
    Sname                 Krb5PrincipalName `asn1:"optional,explicit,tag:3"`
    From                  time.Time         `asn1:"generalized,optional,explicit,tag:4"`
    Till                  time.Time         `asn1:"generalized,optional,explicit,tag:5"`
    Rtime                 time.Time         `asn1:"generalized,optional,explicit,tag:6"`
    Nonce                 int               `asn1:"explicit,tag:7"`
    Etype                 []int             `asn1:"explicit,tag:8"`
    Krb5Addresses         []Krb5Address     `asn1:"optional,explicit,tag:9"`
    EncAuthData           Krb5EncryptedData `asn1:"optional,explicit,tag:10"`
    AdditionalKrb5Tickets []Krb5Ticket      `asn1:"optional,explicit,tag:11"`
}

type Krb5Request Uses

type Krb5Request struct {
    Pvno       int          `asn1:"explicit,tag:1"`
    MsgType    int          `asn1:"explicit,tag:2"`
    Krb5PnData []Krb5PnData `asn1:"optional,explicit,tag:3"`
    ReqBody    Krb5ReqBody  `asn1:"explicit,tag:4"`
}

func (Krb5Request) String Uses

func (kdc Krb5Request) String() (string, error)

type Krb5Ticket Uses

type Krb5Ticket struct {
    TktVno  int               `asn1:"explicit,tag:0"`
    Realm   string            `asn1:"general,explicit,tag:1"`
    Sname   Krb5PrincipalName `asn1:"explicit,tag:2"`
    EncPart Krb5EncryptedData `asn1:"explicit,tag:3"`
}

type NTLMChallengeResponse Uses

type NTLMChallengeResponse struct {
    Challenge string
    Response  string
}

func (*NTLMChallengeResponse) Parsed Uses

func (sr *NTLMChallengeResponse) Parsed() (NTLMChallengeResponseParsed, error)

func (NTLMChallengeResponse) ParsedNtLMv1 Uses

func (sr NTLMChallengeResponse) ParsedNtLMv1() (NTLMChallengeResponseParsed, error)

func (*NTLMChallengeResponse) ParsedNtLMv2 Uses

func (sr *NTLMChallengeResponse) ParsedNtLMv2() (NTLMChallengeResponseParsed, error)

type NTLMChallengeResponseParsed Uses

type NTLMChallengeResponseParsed struct {
    Type            int
    ServerChallenge string
    User            string
    Domain          string
    LmHash          string
    NtHashOne       string
    NtHashTwo       string
}

func (NTLMChallengeResponseParsed) LcString Uses

func (data NTLMChallengeResponseParsed) LcString() string

type NTLMResponseHeader Uses

type NTLMResponseHeader struct {
    Sig          string
    Type         uint32
    LmLen        uint16
    LmMax        uint16
    LmOffset     uint16
    NtLen        uint16
    NtMax        uint16
    NtOffset     uint16
    DomainLen    uint16
    DomainMax    uint16
    DomainOffset uint16
    UserLen      uint16
    UserMax      uint16
    UserOffset   uint16
    HostLen      uint16
    HostMax      uint16
    HostOffset   uint16
}

type NTLMState Uses

type NTLMState struct {
    sync.Mutex

    Responses map[uint32]string
    Pairs     []NTLMChallengeResponse
}

func NewNTLMState Uses

func NewNTLMState() *NTLMState

func (*NTLMState) AddClientResponse Uses

func (s *NTLMState) AddClientResponse(seq uint32, value string, cb func(data NTLMChallengeResponseParsed))

func (*NTLMState) AddServerResponse Uses

func (s *NTLMState) AddServerResponse(key uint32, value string)

type PacketCallback Uses

type PacketCallback func(pkt gopacket.Packet)

type Queue Uses

type Queue struct {
    sync.RWMutex

    Activities chan Activity `json:"-"`

    Stats   Stats
    Protos  map[string]uint64
    Traffic map[string]*Traffic
    // contains filtered or unexported fields
}

func NewQueue Uses

func NewQueue(iface *network.Endpoint) (q *Queue, err error)

func (*Queue) OnPacket Uses

func (q *Queue) OnPacket(cb PacketCallback)

func (*Queue) Send Uses

func (q *Queue) Send(raw []byte) error

func (*Queue) Stop Uses

func (q *Queue) Stop()

func (*Queue) TrackError Uses

func (q *Queue) TrackError()

func (*Queue) TrackPacket Uses

func (q *Queue) TrackPacket(size uint64)

func (*Queue) TrackSent Uses

func (q *Queue) TrackSent(size uint64)

type RSNInfo Uses

type RSNInfo struct {
    Version  uint16
    Group    CipherSuite
    Pairwise CipherSuiteSelector
    AuthKey  AuthSuiteSelector
}

func Dot11InformationElementRSNInfoDecode Uses

func Dot11InformationElementRSNInfoDecode(buf []byte) (rsn RSNInfo, err error)

type Stats Uses

type Stats struct {
    sync.RWMutex

    Sent        uint64
    Received    uint64
    PktReceived uint64
    Errors      uint64
}

type Traffic Uses

type Traffic struct {
    Sent     uint64
    Received uint64
}

type VendorInfo Uses

type VendorInfo struct {
    WPAVersion uint16
    Multicast  CipherSuite
    Unicast    CipherSuiteSelector
    AuthKey    AuthSuiteSelector
}

func Dot11InformationElementVendorInfoDecode Uses

func Dot11InformationElementVendorInfoDecode(buf []byte) (v VendorInfo, err error)

Package packets imports 21 packages (graph) and is imported by 6 packages. Updated 2018-10-31. Refresh now. Tools for package owners.