overflow_scanner/probe
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ing

Browse Source
This commit is contained in:
crusader 2018-09-05 15:16:00 +09:00
parent 4728182733
commit 9a8684e25a
1 changed files with 80 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

109
discovery/protocol/icmp/privileged/icmpv6.go
View File

@ -3,7 +3,6 @@ package privileged
import ( import (
"fmt" "fmt"
"log" "log"
"math/rand"
"net" "net"
"sync/atomic" "sync/atomic"
"time" "time"
@ -15,8 +14,6 @@ import (
"git.loafle.net/overflow_scanner/probe/internal/pcap" "git.loafle.net/overflow_scanner/probe/internal/pcap"
"github.com/google/gopacket" "github.com/google/gopacket"
"github.com/google/gopacket/layers" "github.com/google/gopacket/layers"
"golang.org/x/net/icmp"
"golang.org/x/net/ipv6"
) )
func scanV6(discoverySession session.DiscoverySession) error { func scanV6(discoverySession session.DiscoverySession) error {
@ -38,17 +35,21 @@ func scanV6(discoverySession session.DiscoverySession) error {
}() }()
timerStopped := make(chan struct{}) timerStopped := make(chan struct{})
stopChan := make(chan struct{})
defer close(stopChan)
go func() { go func() {
hosts := make(map[string]*omd.Host) hosts := make(map[string]*omd.Host)
var delay atomic.Value var delay atomic.Value
delay.Store(false) delay.Store(false)
ticker := time.NewTicker(time.Millisecond * 500) ticker := time.NewTicker(time.Millisecond * 1000)
for { for {
select { select {
case packet, ok := <-icmpChan: case packet, ok := <-icmpChan:
if !ok { if !ok {
// logging.Logger().Debugf("icmp channel is closed")
return return
} }
delay.Store(true) delay.Store(true)
@ -66,7 +67,7 @@ func scanV6(discoverySession session.DiscoverySession) error {
} }
}() }()
if err := sendICMP6(ps, zone, targetHosts); nil != err { if err := sendICMP6(ps, discoverySession, stopChan); nil != err {
log.Printf("sendICMP %v", err) log.Printf("sendICMP %v", err)
return nil return nil
} }
@ -79,31 +80,49 @@ func scanV6(discoverySession session.DiscoverySession) error {
} }
} }
func sendICMP6(ps pcap.PCapScanner, zone *omd.Zone, targetHosts []net.IP) error { func sendICMP6(ps pcap.PCapScanner, discoverySession session.DiscoverySession, stopChan chan struct{}) error {
conn, err := icmp.ListenPacket("ip6:ipv6-icmp", "") targetHosts := discoverySession.TargetHosts()
if nil != err {
return err
}
defer conn.Close()
msg, err := makeMessageICMP6() icmp6Packet, err := makePacketICMPv6(discoverySession.Zone())
if nil != err { if nil != err {
return err return err
} }
var dst net.IPAddr buf := gopacket.NewSerializeBuffer()
LOOP: LOOP:
for _, targetHost := range targetHosts { for _, targetHost := range targetHosts {
dst.IP = targetHost h := discoverySession.DiscoveredHost(targetHost.String())
if _, err := conn.WriteTo(msg, &dst); nil != err { if nil != h && "" != h.Mac {
mac, err := net.ParseMAC(h.Mac)
if nil != err {
icmp6Packet.Eth.DstMAC = nil
} else {
icmp6Packet.Eth.DstMAC = mac
}
}
if nil == icmp6Packet.Eth.DstMAC {
icmp6Packet.Eth.DstMAC = net.HardwareAddr{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}
}
icmp6Packet.IP.DstIP = targetHost
if err := gopacket.SerializeLayers(buf, icmp6Packet.Opts, icmp6Packet.Eth, icmp6Packet.IP, icmp6Packet.ICMPv6); err != nil {
log.Print(err)
continue LOOP
}
if err := ps.WritePacketData(buf.Bytes()); err != nil {
log.Print(err)
continue LOOP continue LOOP
} }
select { select {
case <-time.After(time.Microsecond * 100): case <-time.After(time.Microsecond * 100):
case <-stopChan:
return nil
} }
} }
return nil return nil
} }
@ -151,17 +170,49 @@ func handlePacketICMP6(zone *omd.Zone, targetHosts []net.IP, hosts map[string]*o
return h return h
} }
func makeMessageICMP6() ([]byte, error) { type PacketICMPv6 struct {
id := rand.Intn(0xffff) Eth *layers.Ethernet
seq := rand.Intn(0xffff) IP *layers.IPv6
ICMPv6 *layers.ICMPv6
return (&icmp.Message{ Opts gopacket.SerializeOptions
Type: ipv6.ICMPTypeEchoRequest, }
Code: 0,
Body: &icmp.Echo{ func makePacketICMPv6(zone *omd.Zone) (*PacketICMPv6, error) {
ID: id, packetICMPv6 := &PacketICMPv6{}
Seq: seq,
Data: []byte("PING by overFlow"), srcIP := net.ParseIP(zone.Address)
}, if nil == srcIP {
}).Marshal(nil) return nil, fmt.Errorf("IP(%s) of zone is not valid", zone.Address)
}
srcMac, err := net.ParseMAC(zone.Mac)
if nil != err {
return nil, err
}
packetICMPv6.Eth = &layers.Ethernet{
SrcMAC: srcMac,
EthernetType: layers.EthernetTypeIPv6,
}
packetICMPv6.IP = &layers.IPv6{
Version: 6,
TrafficClass: 0,
FlowLabel: 0,
Length: 24,
NextHeader: layers.IPProtocolICMPv6,
HopLimit: 255,
SrcIP: srcIP,
}
packetICMPv6.ICMPv6 = &layers.ICMPv6{
TypeCode: layers.CreateICMPv6TypeCode(layers.ICMPv6TypeEchoRequest, 0),
}
packetICMPv6.Opts = gopacket.SerializeOptions{
ComputeChecksums: true,
FixLengths: true,
}
return packetICMPv6, nil
} }