|
|
@ -7,8 +7,6 @@ |
|
|
|
|
|
|
|
struct ng_session *debug_socket; |
|
|
|
|
|
|
|
uint16_t packet_length = 100; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// pseudo header needed for tcp header checksum calculation |
|
|
@ -47,6 +45,98 @@ unsigned short checksum(const char *buf, unsigned size) |
|
|
|
|
|
|
|
/* Invert to get the negative in ones-complement arithmetic */ |
|
|
|
return ~sum; |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
void create_data_packet(char** out_packet, int* out_packet_len, struct tcp_session tcps) |
|
|
|
{ |
|
|
|
// datagram to represent the packet |
|
|
|
char *datagram = calloc(DATAGRAM_LEN, sizeof(char)); |
|
|
|
|
|
|
|
// required structs for IP and TCP header |
|
|
|
struct iphdr *iph = (struct iphdr*)datagram; |
|
|
|
struct tcphdr *tcph = (struct tcphdr*)(datagram + sizeof(struct iphdr)); |
|
|
|
struct pseudo_header psh; |
|
|
|
|
|
|
|
char source_ip[32]; |
|
|
|
struct sockaddr_in sin; |
|
|
|
|
|
|
|
//some address resolution |
|
|
|
strcpy(source_ip , "10.0.0.116"); // cli ip |
|
|
|
sin.sin_family = AF_INET; |
|
|
|
sin.sin_port = htons(50508); // server port |
|
|
|
sin.sin_addr.s_addr = inet_addr ("207.246.62.210"); // server ip |
|
|
|
|
|
|
|
|
|
|
|
// IP header configuration |
|
|
|
iph->ihl = 5; |
|
|
|
iph->version = 4; |
|
|
|
iph->tos = 0; |
|
|
|
iph->tot_len = htons(sizeof(struct iphdr) + sizeof(struct tcphdr) + OPT_SIZE); |
|
|
|
iph->id = htons(54321); |
|
|
|
iph->frag_off = 0; |
|
|
|
iph->ttl = 64; |
|
|
|
iph->protocol = IPPROTO_TCP; |
|
|
|
iph->check = 0; // do calc later |
|
|
|
iph->saddr = inet_addr ( source_ip ); |
|
|
|
iph->daddr = sin.sin_addr.s_addr; |
|
|
|
|
|
|
|
// TCP header configuration |
|
|
|
tcph->source = htons (40408); |
|
|
|
tcph->dest = htons (50508); |
|
|
|
tcph->seq = htonl(rand() % 4294967295); |
|
|
|
tcph->ack_seq = htonl(0); |
|
|
|
tcph->doff = 10; // tcp header size |
|
|
|
tcph->fin = 0; |
|
|
|
tcph->syn = 1; |
|
|
|
tcph->rst = 0; |
|
|
|
tcph->psh = 0; |
|
|
|
tcph->ack = 0; |
|
|
|
tcph->urg = 0; |
|
|
|
tcph->check = 0; |
|
|
|
tcph->window = htons(16000); // window size |
|
|
|
tcph->urg_ptr = 0; |
|
|
|
|
|
|
|
|
|
|
|
// TCP pseudo header for checksum calculation |
|
|
|
psh.source_address = inet_addr ( source_ip ); |
|
|
|
psh.dest_address = sin.sin_addr.s_addr; |
|
|
|
psh.placeholder = 0; |
|
|
|
psh.protocol = IPPROTO_TCP; |
|
|
|
psh.tcp_length = htons(sizeof(struct tcphdr) + OPT_SIZE); |
|
|
|
int psize = sizeof(struct pseudo_header) + sizeof(struct tcphdr) + OPT_SIZE; |
|
|
|
// fill pseudo packet |
|
|
|
char* pseudogram = malloc(psize); |
|
|
|
memcpy(pseudogram, (char*)&psh, sizeof(struct pseudo_header)); |
|
|
|
memcpy(pseudogram + sizeof(struct pseudo_header), tcph, sizeof(struct tcphdr) + OPT_SIZE); |
|
|
|
|
|
|
|
// TCP options are only set in the SYN packet |
|
|
|
// ---- set mss ---- |
|
|
|
datagram[40] = 0x02; |
|
|
|
datagram[41] = 0x04; |
|
|
|
int16_t mss = htons(48); // mss value |
|
|
|
memcpy(datagram + 42, &mss, sizeof(int16_t)); |
|
|
|
// ---- enable SACK ---- |
|
|
|
datagram[44] = 0x04; |
|
|
|
datagram[45] = 0x02; |
|
|
|
// do the same for the pseudo header |
|
|
|
pseudogram[32] = 0x02; |
|
|
|
pseudogram[33] = 0x04; |
|
|
|
memcpy(pseudogram + 34, &mss, sizeof(int16_t)); |
|
|
|
pseudogram[36] = 0x04; |
|
|
|
pseudogram[37] = 0x02; |
|
|
|
|
|
|
|
tcph->check = checksum((const char*)pseudogram, psize); |
|
|
|
iph->check = checksum((const char*)datagram, iph->tot_len); |
|
|
|
|
|
|
|
*out_packet = datagram; |
|
|
|
*out_packet_len = sizeof(struct iphdr) + sizeof(struct tcphdr) + OPT_SIZE; |
|
|
|
free(pseudogram); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
void create_syn_packet(char** out_packet, int* out_packet_len) |
|
|
@ -83,7 +173,7 @@ void create_syn_packet(char** out_packet, int* out_packet_len) |
|
|
|
iph->daddr = sin.sin_addr.s_addr; |
|
|
|
|
|
|
|
// TCP header configuration |
|
|
|
tcph->source = htons (40405); |
|
|
|
tcph->source = htons (40408); |
|
|
|
tcph->dest = htons (50508); |
|
|
|
tcph->seq = htonl(rand() % 4294967295); |
|
|
|
tcph->ack_seq = htonl(0); |
|
|
@ -95,9 +185,10 @@ void create_syn_packet(char** out_packet, int* out_packet_len) |
|
|
|
tcph->ack = 0; |
|
|
|
tcph->urg = 0; |
|
|
|
tcph->check = 0; |
|
|
|
tcph->window = htons(5840); // window size |
|
|
|
tcph->window = htons(16000); // window size |
|
|
|
tcph->urg_ptr = 0; |
|
|
|
|
|
|
|
|
|
|
|
// TCP pseudo header for checksum calculation |
|
|
|
psh.source_address = inet_addr ( source_ip ); |
|
|
|
psh.dest_address = sin.sin_addr.s_addr; |
|
|
@ -132,6 +223,24 @@ void create_syn_packet(char** out_packet, int* out_packet_len) |
|
|
|
*out_packet = datagram; |
|
|
|
*out_packet_len = sizeof(struct iphdr) + sizeof(struct tcphdr) + OPT_SIZE; |
|
|
|
free(pseudogram); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
int open_data_packet(const struct arguments *args, int epoll_fd, struct tcp_session tcps) { |
|
|
|
// send PSH data |
|
|
|
char* packet; |
|
|
|
int packet_len; |
|
|
|
//create_data_packet(&packet, &packet_len, tcps); |
|
|
|
|
|
|
|
log_android(ANDROID_LOG_ERROR, "Handling push data IP create"); |
|
|
|
|
|
|
|
//handle_ip(args, packet, (size_t) packet_len, epoll_fd, 10, 200); |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
@ -144,9 +253,30 @@ int open_debug_packet(const struct arguments *args, int epoll_fd) { |
|
|
|
int packet_len; |
|
|
|
create_syn_packet(&packet, &packet_len); |
|
|
|
|
|
|
|
//handle_debug_ip(args, buffer, packet_length, epoll_fd); |
|
|
|
|
|
|
|
//read(args->tun, packet, packet_len); |
|
|
|
//ssize_t res = read(args->tun, packet, packet_len); |
|
|
|
//log_android(ANDROID_LOG_ERROR, "writing to file descriptor: %d", args->tun); |
|
|
|
handle_ip(args, packet, (size_t) packet_len, epoll_fd, 10, 200); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* |
|
|
|
ssize_t res = write(args->tun, packet, (size_t) packet_len); |
|
|
|
|
|
|
|
if (res >= 0) { |
|
|
|
log_android(ANDROID_LOG_ERROR, "successfuly wrote new syn packet to tun"); |
|
|
|
//handle_ip(args, packet, (size_t) packet_len, epoll_fd, 10, 200); |
|
|
|
} else { |
|
|
|
log_android(ANDROID_LOG_ERROR, "tcp write error.."); |
|
|
|
} |
|
|
|
|
|
|
|
//handle_debug_ip(args, buffer, packet_length, epoll_fd); |
|
|
|
//handle_ip(args, packet, (size_t) packet_len, epoll_fd, 10, 200); |
|
|
|
|
|
|
|
*/ |
|
|
|
|
|
|
|
|
|
|
|
return 1; |
|
|
|
} |
|
|
|
|
|
|
@ -163,10 +293,23 @@ int debug_socket_init(const struct arguments *args, int epoll_fd) { |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
struct ng_session *get_debug_session() { |
|
|
|
struct ng_session *get_debug_session(const struct arguments *args) { |
|
|
|
|
|
|
|
|
|
|
|
if (debug_socket == NULL) { |
|
|
|
log_android(ANDROID_LOG_ERROR, "found null debug session..."); |
|
|
|
// Search session |
|
|
|
struct ng_session *cur = args->ctx->ng_session; |
|
|
|
while (cur != NULL && |
|
|
|
!(cur->protocol == IPPROTO_TCP && |
|
|
|
cur->tcp.version == 4 && |
|
|
|
cur->tcp.source == ntohs(40408) && cur->tcp.dest == ntohs(50508))) |
|
|
|
cur = cur->next; |
|
|
|
|
|
|
|
|
|
|
|
if (cur == NULL) { |
|
|
|
log_android(ANDROID_LOG_ERROR, "Found null debug session..."); |
|
|
|
} else { |
|
|
|
log_android(ANDROID_LOG_ERROR, "Found the debug session.."); |
|
|
|
debug_socket = cur; |
|
|
|
} |
|
|
|
|
|
|
|
return debug_socket; |
|
|
@ -178,10 +321,22 @@ void read_debug_socket() { |
|
|
|
return ; |
|
|
|
} |
|
|
|
|
|
|
|
void write_debug_socket(const struct arguments *args, const uint8_t *buffer, size_t length, char* dest_ip) { |
|
|
|
void write_debug_socket(const struct arguments *args, int epoll_fd, const uint8_t *buffer, size_t length, char* dest_ip) { |
|
|
|
// TODO: This function is modelled after write_pcap_ret so I made |
|
|
|
// parameters for this function the same since we basically want to do the same thing. |
|
|
|
|
|
|
|
|
|
|
|
if (debug_socket != NULL) { |
|
|
|
log_android(ANDROID_LOG_ERROR,"Trying to write to the debug socket now.."); |
|
|
|
|
|
|
|
|
|
|
|
open_data_packet(args, epoll_fd, debug_socket->tcp); |
|
|
|
|
|
|
|
//write_data(args, &debug_socket->tcp, buffer, length); |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
/* |
|
|
|
struct tcp_session *cur = &debug_socket->tcp; |
|
|
|
|
|
|
|
|
|
|
@ -191,15 +346,10 @@ void write_debug_socket(const struct arguments *args, const uint8_t *buffer, siz |
|
|
|
log_android(ANDROID_LOG_ERROR, "debug tcp port: %d", cur->source); |
|
|
|
|
|
|
|
int is_debug_server = strcmp(dest_ip, ""); |
|
|
|
|
|
|
|
if (is_debug_server != 0) { |
|
|
|
|
|
|
|
int res = write_ack(args, &debug_socket->tcp); |
|
|
|
|
|
|
|
log_android(ANDROID_LOG_ERROR, "write ack result %d", res); |
|
|
|
|
|
|
|
|
|
|
|
/* |
|
|
|
log_android(ANDROID_LOG_ERROR, "writing debug packet to %s with length: %d", dest_ip, length); |
|
|
|
|
|
|
|
// Forward to tun |
|
|
@ -208,14 +358,11 @@ void write_debug_socket(const struct arguments *args, const uint8_t *buffer, siz |
|
|
|
debug_socket->tcp.local_seq += length; |
|
|
|
debug_socket->tcp.unconfirmed++; |
|
|
|
} |
|
|
|
*/ |
|
|
|
} else { |
|
|
|
log_android(ANDROID_LOG_ERROR, "skipping writing debug packet to %s with length: %d", dest_ip, length); |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
*/ |
|
|
|
|
|
|
|
|
|
|
|
} |
|
|
|
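Review bot: In the new create_data_packet (hunk `-47,6 +45,98`), `iph->check = checksum((const char*)datagram, iph->tot_len);` passes a length that was already stored with htons(), so on a little-endian target checksum() is asked to read a byte-swapped size instead of the packet length. That read may run past the DATAGRAM_LEN allocation; DATAGRAM_LEN and OPT_SIZE are defined outside the visible lines, so the actual overrun cannot be confirmed from here. The IPv4 header checksum covers only the header, so the call should be `iph->check = checksum((const char *)datagram, iph->ihl * 4);`. The `calloc` and `malloc` results are also cast and written through without a NULL check; a guard such as `if (datagram == NULL) { *out_packet = NULL; *out_packet_len = 0; return; }` is needed before `iph` and `tcph` are used, with the same for `pseudogram`. The body looks copied from create_syn_packet, whose checksum line lies outside these hunks and presumably needs the same fix.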