Hacking - The Art of Exploitation, 2nd Edition



typedef struct libnet_dns_hdr DNShdr;
typedef struct libnet_ethernet_hdr ETHERhdr;
typedef struct libnet_icmp_hdr ICMPhdr;
typedef struct libnet_igmp_hdr IGMPhdr;
typedef struct libnet_ip_hdr IPhdr;

The nemesis_arp() function calls a series of other functions from this file:
arp_initdata(), arp_cmdline(), arp_validatedata(), and arp_verbose(). You can
probably guess that these functions initialize data, process command-line
arguments, validate data, and do some sort of verbose reporting. The arp_initdata()
function does exactly this, initializing values in statically declared data
structures.
The arp_initdata() function, shown below, sets various elements of the
header structures to the appropriate values for an ARP packet.

From nemesis-arp.c


static void arp_initdata(void)
{
    /* defaults */
    etherhdr.ether_type = ETHERTYPE_ARP;    /* Ethernet type ARP */
    memset(etherhdr.ether_shost, 0, 6);     /* Ethernet source address */
    memset(etherhdr.ether_dhost, 0xff, 6);  /* Ethernet destination address */
    arphdr.ar_op = ARPOP_REQUEST;           /* ARP opcode: request */
    arphdr.ar_hrd = ARPHRD_ETHER;           /* hardware format: Ethernet */
    arphdr.ar_pro = ETHERTYPE_IP;           /* protocol format: IP */
    arphdr.ar_hln = 6;                      /* 6 byte hardware addresses */
    arphdr.ar_pln = 4;                      /* 4 byte protocol addresses */
    memset(arphdr.ar_sha, 0, 6);            /* ARP frame sender address */
    memset(arphdr.ar_spa, 0, 4);            /* ARP sender protocol (IP) addr */
    memset(arphdr.ar_tha, 0, 6);            /* ARP frame target address */
    memset(arphdr.ar_tpa, 0, 4);            /* ARP target protocol (IP) addr */
    pd.file_mem = NULL;
    pd.file_s = 0;
    return;
}
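
A defender-side view of the same fields, as an added example that is not from the book or from nemesis: a validator that reads a raw Ethernet/ARP frame and checks it against the values arp_initdata() sets. The function names, flag names and sample frame are constructed for this illustration, and treating a zeroed sender address or an Ethernet-source/ARP-sender mismatch as an anomaly is a heuristic this example assumes.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Anomaly flags returned by arp_check(); all names here are this example's own. */
enum {
    ARPCHK_SHORT        = 0x01, /* shorter than 14 (Ethernet) + 28 (ARP) bytes */
    ARPCHK_NOT_ARP      = 0x02, /* EtherType is not 0x0806 (ETHERTYPE_ARP) */
    ARPCHK_BAD_FORMAT   = 0x04, /* ar_hrd/ar_pro/ar_hln/ar_pln not Ethernet + IPv4 */
    ARPCHK_BAD_OP       = 0x08, /* opcode is neither request (1) nor reply (2) */
    ARPCHK_SRC_MISMATCH = 0x10, /* ether_shost differs from ar_sha */
    ARPCHK_ZERO_SENDER  = 0x20  /* ar_sha still at its all-zero default */
};

/* Read a 16-bit big-endian (network byte order) field. */
static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Validate one Ethernet frame carrying ARP; returns 0 or a mask of flags. */
unsigned arp_check(const uint8_t *f, size_t len)
{
    static const uint8_t zero[6] = {0};
    unsigned flags = 0;

    if (len < 42) return ARPCHK_SHORT;              /* never read past the buffer */
    if (be16(f + 12) != 0x0806) return ARPCHK_NOT_ARP;

    const uint8_t *arp = f + 14;                    /* ARP header follows Ethernet */
    if (be16(arp) != 1 || be16(arp + 2) != 0x0800 || arp[4] != 6 || arp[5] != 4)
        return ARPCHK_BAD_FORMAT;                   /* offsets below assume 6/4 */
    uint16_t op = be16(arp + 6);
    if (op != 1 && op != 2) flags |= ARPCHK_BAD_OP;
    if (memcmp(f + 6, arp + 8, 6) != 0) flags |= ARPCHK_SRC_MISMATCH;
    if (memcmp(arp + 8, zero, 6) == 0) flags |= ARPCHK_ZERO_SENDER;
    return flags;
}

/* Constructed sample: the 42-byte frame the defaults above describe
   (broadcast destination, zeroed addresses, opcode request). */
size_t sample_default_frame(uint8_t out[42])
{
    memset(out, 0, 42);
    memset(out, 0xff, 6);               /* ether_dhost = ff:ff:ff:ff:ff:ff */
    out[12] = 0x08; out[13] = 0x06;     /* ether_type = ETHERTYPE_ARP */
    out[15] = 0x01;                     /* ar_hrd = ARPHRD_ETHER (1) */
    out[16] = 0x08;                     /* ar_pro = ETHERTYPE_IP (0x0800) */
    out[18] = 6; out[19] = 4;           /* ar_hln, ar_pln */
    out[21] = 0x01;                     /* ar_op = ARPOP_REQUEST (1) */
    return 42;
}
```

A frame left at the untouched defaults comes back with only ARPCHK_ZERO_SENDER set, which shows why the later command-line and validation steps have to fill in the addresses.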

Finally, the nemesis_arp() function calls the function buildarp() with
pointers to the header data structures. Judging from the way the return value
from buildarp() is handled here, buildarp() builds the packet and injects it.
This function is found in yet another source file, nemesis-proto_arp.c.

From nemesis-proto_arp.c


int buildarp(ETHERhdr *eth, ARPhdr *arp, FileData *pd, char *device,
        int reply)
{
    int n = 0;
    u_int32_t arp_packetlen;
    static u_int8_t *pkt;
    struct libnet_link_int *l2 = NULL;

    /* validation tests */