Adds a new module that demonstrates IP spoofing.

git-svn-id: file:///home/svn/framework3/trunk@5567 4d416f70-5f16-0410-b530-b9f4589650da
2008-07-22 19:37:05 +00:00 · 2008-07-22 19:37:05 +00:00 · 43f9501c52
parent ca7c8b0f68
commit 43f9501c52
3 changed files with 65 additions and 3 deletions
--- a/lib/scruby/field.rb
+++ b/lib/scruby/field.rb
@ -11,7 +11,8 @@
 # General Public License for more details. 

 module Scruby
-
+	require "rex/socket"
+	
 	# Trackin fields
 	@@fields = {}

@ -579,8 +580,7 @@ module Scruby

 		# Ruby equivalent to inet_aton. It takes a hostname or an IP as an argument.
 		def inet_aton(name)
-			ip = Socket.getaddrinfo(name, nil)[0][3]
-			return [IPAddr.new(ip).to_i].pack(@format)
+			ip = Rex::Socket.resolv_nbo(name)
 		end

 		def to_net(value)
--- a/lib/scruby/packet.rb
+++ b/lib/scruby/packet.rb
@ -180,6 +180,13 @@ class Packet
 		return Packet.new(@layers_list[index..-1], nil)
 	end

+	# Return the first layer of this type with its payload
+	# Differs from get_layer() in that it returns the layer not the packet object
+	def layer(wanted_layer)
+		ret = get_layer(wanted_layer)
+		ret.layers_list[0]
+	end
+	
 	# Checks wether the packet has a given layer
 	def has_layer(wanted_layer)
 		return (not self.get_layer(wanted_layer).nil?)
--- a/modules/auxiliary/test/ip_spoof.rb
+++ b/modules/auxiliary/test/ip_spoof.rb
@ -0,0 +1,55 @@
+##
+# $Id: scanner_host.rb 5330 2008-01-23 02:28:12Z hdm $
+##
+
+##
+# This file is part of the Metasploit Framework and may be subject to 
+# redistribution and commercial restrictions. Please see the Metasploit
+# Framework web site for more information on licensing and terms of use.
+# http://metasploit.com/projects/Framework/
+##
+
+
+require 'msf/core'
+require 'scruby'
+
+module Msf
+
+class Auxiliary::Test::IP_Spoof < Msf::Auxiliary
+
+	include Exploit::Remote::Ip
+	include Auxiliary::Scanner
+		
+	def initialize
+		super(
+			'Name'        => 'Simple IP Spoofing Tester',
+			'Version'     => '$Revision: 5330 $',
+			'Description' => 'Simple IP Spoofing Tester',
+			'Author'      => 'hdm',
+			'License'     => MSF_LICENSE
+		)
+	end
+
+	def run_host(ip)
+		print_status("Sending a packet to host #{ip}")
+		
+		connect_ip if not ip_sock
+		buff = (
+			Scruby::IP.new(
+				:src   => ip, 
+				:dst   => ip,
+				:proto => 17,
+				:ttl   => 255,
+				:id    => 0xdead
+			)/Scruby::UDP.new(
+				:sport => 53,
+				:dport => 53
+			)/"HELLO WORLD"
+		).to_net
+		
+		ip_sock.sendto(buff, ip)
+	end
+
+	
+end
+end