Documentation

Overview

    Package packets contains structure declarations for network packets and the main packets queue.

    Index

    Constants

    View Source
    const (
    	Krb5AsRequestType         = 10
    	Krb5Krb5PrincipalNameType = 1
    	Krb5CryptDesCbcMd4        = 2
    	Krb5CryptDescCbcMd5       = 3
    	Krb5CryptRc4Hmac          = 23
    )
    View Source
    const (
    	NBNSPort        = 137
    	NBNSMinRespSize = 73
    )
    View Source
    const (
    	NTLM_SIG_OFFSET  = 0
    	NTLM_TYPE_OFFSET = 8
    
    	NTLM_TYPE1_FLAGS_OFFSET   = 12
    	NTLM_TYPE1_DOMAIN_OFFSET  = 16
    	NTLM_TYPE1_WORKSTN_OFFSET = 24
    	NTLM_TYPE1_DATA_OFFSET    = 32
    	NTLM_TYPE1_MINSIZE        = 16
    
    	NTLM_TYPE2_TARGET_OFFSET     = 12
    	NTLM_TYPE2_FLAGS_OFFSET      = 20
    	NTLM_TYPE2_CHALLENGE_OFFSET  = 24
    	NTLM_TYPE2_CONTEXT_OFFSET    = 32
    	NTLM_TYPE2_TARGETINFO_OFFSET = 40
    	NTLM_TYPE2_DATA_OFFSET       = 48
    	NTLM_TYPE2_MINSIZE           = 32
    
    	NTLM_TYPE3_LMRESP_OFFSET     = 12
    	NTLM_TYPE3_NTRESP_OFFSET     = 20
    	NTLM_TYPE3_DOMAIN_OFFSET     = 28
    	NTLM_TYPE3_USER_OFFSET       = 36
    	NTLM_TYPE3_WORKSTN_OFFSET    = 44
    	NTLM_TYPE3_SESSIONKEY_OFFSET = 52
    	NTLM_TYPE3_FLAGS_OFFSET      = 60
    	NTLM_TYPE3_DATA_OFFSET       = 64
    	NTLM_TYPE3_MINSIZE           = 52
    
    	NTLM_BUFFER_LEN_OFFSET    = 0
    	NTLM_BUFFER_MAXLEN_OFFSET = 2
    	NTLM_BUFFER_OFFSET_OFFSET = 4
    	NTLM_BUFFER_SIZE          = 8
    
    	NtlmV1 = 1
    	NtlmV2 = 2
    )
    View Source
    const DHCP6OptClientFQDN = 39
    View Source
    const DHCP6OptDNSDomains = 24
    View Source
    const DHCP6OptDNSServers = 23
    View Source
    const IPv6Prefix = "fe80::"

      link-local

      View Source
      const MDNSPort = 5353
      View Source
      const TeamViewerPort = 5938
      View Source
      const (
      	UPNPPort = 1900
      )
      View Source
      const (
      	WSDPort = 3702
      )

      Variables

      View Source
      var (
      	ErrNoCrypt  = errors.New("No crypt alg found")
      	ErrReqData  = errors.New("Failed to extract pnData from as-req")
      	ErrNoCipher = errors.New("No encryption type or cipher found")
      
      	Krb5AsReqParam = "application,explicit,tag:10"
      )
      View Source
      var (
      	MDNSDestMac = net.HardwareAddr{0x01, 0x00, 0x5e, 0x00, 0x00, 0xfb}
      	MDNSDestIP  = net.ParseIP("224.0.0.251")
      )
      View Source
      var (
      	MySQLGreeting = []byte{
      		0x5b, 0x00, 0x00, 0x00, 0x0a, 0x35, 0x2e, 0x36,
      		0x2e, 0x32, 0x38, 0x2d, 0x30, 0x75, 0x62, 0x75,
      		0x6e, 0x74, 0x75, 0x30, 0x2e, 0x31, 0x34, 0x2e,
      		0x30, 0x34, 0x2e, 0x31, 0x00, 0x2d, 0x00, 0x00,
      		0x00, 0x40, 0x3f, 0x59, 0x26, 0x4b, 0x2b, 0x34,
      		0x60, 0x00, 0xff, 0xf7, 0x08, 0x02, 0x00, 0x7f,
      		0x80, 0x15, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      		0x00, 0x00, 0x00, 0x00, 0x68, 0x69, 0x59, 0x5f,
      		0x52, 0x5f, 0x63, 0x55, 0x60, 0x64, 0x53, 0x52,
      		0x00, 0x6d, 0x79, 0x73, 0x71, 0x6c, 0x5f, 0x6e,
      		0x61, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x70, 0x61,
      		0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x00,
      	}
      	MySQLFirstResponseOK = []byte{
      		0x07, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x02,
      		0x00, 0x00, 0x00,
      	}
      	MySQLSecondResponseOK = []byte{
      		0x07, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, 0x02,
      		0x00, 0x00, 0x00,
      	}
      )
      View Source
      var (
      	UPNPDestMac          = net.HardwareAddr{0x01, 0x00, 0x5e, 0x00, 0x00, 0xfb}
      	UPNPDestIP           = net.ParseIP("239.255.255.250")
      	UPNPDiscoveryPayload = []byte("M-SEARCH * HTTP/1.1\r\n" +
      		fmt.Sprintf("Host: %s:%d\r\n", UPNPDestIP, UPNPPort) +
      		"Man: ssdp:discover\r\n" +
      		"ST: ssdp:all\r\n" +
      		"MX: 2\r\n" +
      		"\r\n")
      )
      View Source
      var (
      	WSDDestIP           = net.ParseIP("239.255.255.250")
      	WSDDiscoveryPayload = []byte("<?xml version=\"1.0\" encoding=\"utf-8\" ?>" +
      		"<soap:Envelope" +
      		" xmlns:soap=\"http://www.w3.org/2003/05/soap-envelope\"" +
      		" xmlns:wsa=\"http://schemas.xmlsoap.org/ws/2004/08/addressing\"" +
      		" xmlns:wsd=\"http://schemas.xmlsoap.org/ws/2005/04/discovery\"" +
      		" xmlns:wsdp=\"http://schemas.xmlsoap.org/ws/2006/02/devprof\">" +
      		"<soap:Header>" +
      		"<wsa:To>urn:schemas-xmlsoap-org:ws:2005:04:discovery</wsa:To>" +
      		"<wsa:Action>http://schemas.xmlsoap.org/ws/2005/04/discovery/Probe</wsa:Action>" +
      		"<wsa:MessageID>urn:uuid:05a0036e-dcc8-4db8-98b6-0ceeee60a6d9</wsa:MessageID>" +
      		"</soap:Header>" +
      		"<soap:Body>" +
      		"<wsd:Probe/>" +
      		"</soap:Body>" +
      		"</env:Envelope>")
      )
      View Source
      var (
      	ErrNoCID = errors.New("Unexpected DHCPv6 packet, could not find client id.")
      )
      View Source
      var (
      	// NBNS hostname resolution request buffer.
      	NBNSRequest = []byte{
      		0x82, 0x28, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0,
      		0x0, 0x0, 0x20, 0x43, 0x4B, 0x41, 0x41, 0x41, 0x41,
      		0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
      		0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
      		0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x0,
      		0x0, 0x21, 0x0, 0x1,
      	}
      )
      View Source
      var SerializationOptions = gopacket.SerializeOptions{
      	FixLengths:       true,
      	ComputeChecksums: true,
      }

      Functions

      func DHCP6EncodeList

      func DHCP6EncodeList(elements []string) (encoded []byte)

      func DHCP6For

      func DHCP6For(what dhcp6.MessageType, to dhcp6.Packet, duid []byte) (err error, p dhcp6.Packet)

      func Dot11InformationElementIDDSSetDecode

      func Dot11InformationElementIDDSSetDecode(buf []byte) (channel int, err error)

      func Dot11IsDataFor

      func Dot11IsDataFor(dot11 *layers.Dot11, station net.HardwareAddr) bool

      func Dot11Parse

      func Dot11Parse(packet gopacket.Packet) (ok bool, radiotap *layers.RadioTap, dot11 *layers.Dot11)

      func Dot11ParseDSSet

      func Dot11ParseDSSet(packet gopacket.Packet) (bool, int)

      func Dot11ParseEAPOL

      func Dot11ParseEAPOL(packet gopacket.Packet, dot11 *layers.Dot11) (ok bool, key *layers.EAPOLKey, apMac net.HardwareAddr, staMac net.HardwareAddr)

      func Dot11ParseEncryption

      func Dot11ParseEncryption(packet gopacket.Packet, dot11 *layers.Dot11) (bool, string, string, string)

      func Dot11ParseIDSSID

      func Dot11ParseIDSSID(packet gopacket.Packet) (bool, string)

      func Dot11ParseWPS

      func Dot11ParseWPS(packet gopacket.Packet, dot11 *layers.Dot11) (ok bool, bssid net.HardwareAddr, info map[string]string)

      func MDNSGetMeta

      func MDNSGetMeta(pkt gopacket.Packet) map[string]string

      func MySQLGetFile

      func MySQLGetFile(infile string) []byte

      func NBNSGetMeta

      func NBNSGetMeta(pkt gopacket.Packet) map[string]string

      func NewARP

      func NewARP(from net.IP, from_hw net.HardwareAddr, to net.IP, req uint16) (layers.Ethernet, layers.ARP)

      func NewARPReply

      func NewARPReply(from net.IP, from_hw net.HardwareAddr, to net.IP, to_hw net.HardwareAddr) (error, []byte)

      func NewARPRequest

      func NewARPRequest(from net.IP, from_hw net.HardwareAddr, to net.IP) (error, []byte)

      func NewARPTo

      func NewARPTo(from net.IP, from_hw net.HardwareAddr, to net.IP, to_hw net.HardwareAddr, req uint16) (layers.Ethernet, layers.ARP)

      func NewDot11AssociationRequest

      func NewDot11AssociationRequest(sta net.HardwareAddr, apBSSID net.HardwareAddr, apESSID string, seq uint16) (error, []byte)

      func NewDot11Auth

      func NewDot11Auth(sta net.HardwareAddr, apBSSID net.HardwareAddr, seq uint16) (error, []byte)

      func NewDot11Beacon

      func NewDot11Beacon(conf Dot11ApConfig, seq uint16) (error, []byte)

      func NewDot11Deauth

      func NewDot11Deauth(a1 net.HardwareAddr, a2 net.HardwareAddr, a3 net.HardwareAddr, seq uint16) (error, []byte)

      func NewMDNSProbe

      func NewMDNSProbe(from net.IP, from_hw net.HardwareAddr) (error, []byte)

      func NewTCPSyn

      func NewTCPSyn(from net.IP, from_hw net.HardwareAddr, to net.IP, to_hw net.HardwareAddr, srcPort int, dstPort int) (error, []byte)

      func NewUDPProbe

      func NewUDPProbe(from net.IP, from_hw net.HardwareAddr, to net.IP, port int) (error, []byte)

      func Serialize

      func Serialize(layers ...gopacket.SerializableLayer) (error, []byte)

      func UPNPGetMeta

      func UPNPGetMeta(pkt gopacket.Packet) map[string]string

      Types

      type Activity

      type Activity struct {
      	IP     net.IP
      	MAC    net.HardwareAddr
      	Meta   map[string]string
      	Source bool
      }

      type AuthSuite

      type AuthSuite struct {
      	OUI  []byte // 3 bytes
      	Type Dot11AuthType
      }

      type AuthSuiteSelector

      type AuthSuiteSelector struct {
      	Count  uint16
      	Suites []AuthSuite
      }

      type CipherSuite

      type CipherSuite struct {
      	OUI  []byte // 3 bytes
      	Type Dot11CipherType
      }

      type CipherSuiteSelector

      type CipherSuiteSelector struct {
      	Count  uint16
      	Suites []CipherSuite
      }

      type DHCPv6Layer

      type DHCPv6Layer struct {
      	Raw []byte
      }

      func (*DHCPv6Layer) LayerType

      func (l *DHCPv6Layer) LayerType() gopacket.LayerType

      func (DHCPv6Layer) SerializeTo

      type Dot11ApConfig

      type Dot11ApConfig struct {
      	SSID       string
      	BSSID      net.HardwareAddr
      	Channel    int
      	Encryption bool
      }

      type Dot11AuthType

      type Dot11AuthType uint8
      const (
      	Dot11AuthMgt Dot11AuthType = 1
      	Dot11AuthPsk Dot11AuthType = 2
      )

      func (Dot11AuthType) String

      func (a Dot11AuthType) String() string

      type Dot11CipherType

      type Dot11CipherType uint8
      const (
      	Dot11CipherWep    Dot11CipherType = 1
      	Dot11CipherTkip   Dot11CipherType = 2
      	Dot11CipherWrap   Dot11CipherType = 3
      	Dot11CipherCcmp   Dot11CipherType = 4
      	Dot11CipherWep104 Dot11CipherType = 5
      )

      func (Dot11CipherType) String

      func (a Dot11CipherType) String() string

      type Krb5Address

      type Krb5Address struct {
      	AddrType    int    `asn1:"explicit,tag:0"`
      	Krb5Address []byte `asn1:"explicit,tag:1"`
      }

      type Krb5EncryptedData

      type Krb5EncryptedData struct {
      	Etype  int    `asn1:"explicit,tag:0"`
      	Kvno   int    `asn1:"optional,explicit,tag:1"`
      	Cipher []byte `asn1:"explicit,tag:2"`
      }

      type Krb5PnData

      type Krb5PnData struct {
      	Krb5PnDataType  int    `asn1:"explicit,tag:1"`
      	Krb5PnDataValue []byte `asn1:"explicit,tag:2"`
      }

      type Krb5PrincipalName

      type Krb5PrincipalName struct {
      	NameType   int      `asn1:"explicit,tag:0"`
      	NameString []string `asn1:"general,explicit,tag:1"`
      }

      type Krb5ReqBody

      type Krb5ReqBody struct {
      	KDCOptions            asn1.BitString    `asn1:"explicit,tag:0"`
      	Cname                 Krb5PrincipalName `asn1:"optional,explicit,tag:1"`
      	Realm                 string            `asn1:"general,explicit,tag:2"`
      	Sname                 Krb5PrincipalName `asn1:"optional,explicit,tag:3"`
      	From                  time.Time         `asn1:"generalized,optional,explicit,tag:4"`
      	Till                  time.Time         `asn1:"generalized,optional,explicit,tag:5"`
      	Rtime                 time.Time         `asn1:"generalized,optional,explicit,tag:6"`
      	Nonce                 int               `asn1:"explicit,tag:7"`
      	Etype                 []int             `asn1:"explicit,tag:8"`
      	Krb5Addresses         []Krb5Address     `asn1:"optional,explicit,tag:9"`
      	EncAuthData           Krb5EncryptedData `asn1:"optional,explicit,tag:10"`
      	AdditionalKrb5Tickets []Krb5Ticket      `asn1:"optional,explicit,tag:11"`
      }

      type Krb5Request

      type Krb5Request struct {
      	Pvno       int          `asn1:"explicit,tag:1"`
      	MsgType    int          `asn1:"explicit,tag:2"`
      	Krb5PnData []Krb5PnData `asn1:"optional,explicit,tag:3"`
      	ReqBody    Krb5ReqBody  `asn1:"explicit,tag:4"`
      }

      func (Krb5Request) String

      func (kdc Krb5Request) String() (string, error)

      type Krb5Ticket

      type Krb5Ticket struct {
      	TktVno  int               `asn1:"explicit,tag:0"`
      	Realm   string            `asn1:"general,explicit,tag:1"`
      	Sname   Krb5PrincipalName `asn1:"explicit,tag:2"`
      	EncPart Krb5EncryptedData `asn1:"explicit,tag:3"`
      }

      type NTLMChallengeResponse

      type NTLMChallengeResponse struct {
      	Challenge string
      	Response  string
      }

      func (*NTLMChallengeResponse) Parsed

      func (NTLMChallengeResponse) ParsedNtLMv1

      func (*NTLMChallengeResponse) ParsedNtLMv2

      type NTLMChallengeResponseParsed

      type NTLMChallengeResponseParsed struct {
      	Type            int
      	ServerChallenge string
      	User            string
      	Domain          string
      	LmHash          string
      	NtHashOne       string
      	NtHashTwo       string
      }

      func (NTLMChallengeResponseParsed) LcString

      func (data NTLMChallengeResponseParsed) LcString() string

      type NTLMResponseHeader

      type NTLMResponseHeader struct {
      	Sig          string
      	Type         uint32
      	LmLen        uint16
      	LmMax        uint16
      	LmOffset     uint16
      	NtLen        uint16
      	NtMax        uint16
      	NtOffset     uint16
      	DomainLen    uint16
      	DomainMax    uint16
      	DomainOffset uint16
      	UserLen      uint16
      	UserMax      uint16
      	UserOffset   uint16
      	HostLen      uint16
      	HostMax      uint16
      	HostOffset   uint16
      }

      type NTLMState

      type NTLMState struct {
      	sync.Mutex
      
      	Responses map[uint32]string
      	Pairs     []NTLMChallengeResponse
      }

      func NewNTLMState

      func NewNTLMState() *NTLMState

      func (*NTLMState) AddClientResponse

      func (s *NTLMState) AddClientResponse(seq uint32, value string, cb func(data NTLMChallengeResponseParsed))

      func (*NTLMState) AddServerResponse

      func (s *NTLMState) AddServerResponse(key uint32, value string)

      type Queue

      type Queue struct {
      	sync.RWMutex
      
      	// keep on top because of https://github.com/bettercap/bettercap/issues/500
      	Stats      Stats
      	Protos     sync.Map
      	Traffic    sync.Map
      	Activities chan Activity
      	// contains filtered or unexported fields
      }

      func NewQueue

      func NewQueue(iface *network.Endpoint) (q *Queue, err error)

      func (*Queue) MarshalJSON

      func (q *Queue) MarshalJSON() ([]byte, error)

      func (*Queue) Send

      func (q *Queue) Send(raw []byte) error

      func (*Queue) Stop

      func (q *Queue) Stop()

      func (*Queue) TrackError

      func (q *Queue) TrackError()

      func (*Queue) TrackPacket

      func (q *Queue) TrackPacket(size uint64)

      func (*Queue) TrackSent

      func (q *Queue) TrackSent(size uint64)

      type RSNInfo

      type RSNInfo struct {
      	Version  uint16
      	Group    CipherSuite
      	Pairwise CipherSuiteSelector
      	AuthKey  AuthSuiteSelector
      }

      func Dot11InformationElementRSNInfoDecode

      func Dot11InformationElementRSNInfoDecode(buf []byte) (rsn RSNInfo, err error)

      type Stats

      type Stats struct {
      	Sent        uint64 `json:"sent"`
      	Received    uint64 `json:"received"`
      	PktReceived uint64 `json:"pkts_received"`
      	Errors      uint64 `json:"errors"`
      }

      type TeamViewerPacket

      type TeamViewerPacket struct {
      	Magic       uint16
      	Version     string
      	CommandCode uint8
      	Command     string
      }

      func ParseTeamViewer

      func ParseTeamViewer(data []byte) *TeamViewerPacket

      type Traffic

      type Traffic struct {
      	Sent     uint64 `json:"sent"`
      	Received uint64 `json:"received"`
      }

      type VendorInfo

      type VendorInfo struct {
      	WPAVersion uint16
      	Multicast  CipherSuite
      	Unicast    CipherSuiteSelector
      	AuthKey    AuthSuiteSelector
      }

      func Dot11InformationElementVendorInfoDecode

      func Dot11InformationElementVendorInfoDecode(buf []byte) (v VendorInfo, err error)