Net::Packet::Shell - Scapy like implementation using Net::Packet, just to prove it
perl -MNet::Packet::Shell -e nps # Optional, just to change default interface and related nps> $Env->updateDevInfo('127.0.0.1') # Basic example IPv4 with TCP # See also examples/ip4-tcp.pl for a scripted version nps> sd F(IPv4,TCP(dst=>443)) # Advanced example: an IPv6 frame within IPv4 # See also examples/ip6-within-ip4.pl for a scripted version nps> $ip6=F(IPv6,TCP) nps> $Env->doIPv4Checksum(1); $Env->noFrameComputeLengths(1) nps> $ip4=F(ETH,IPv4(protocol=>NP_IPv4_PROTOCOL_IPv6, \ length=>NP_IPv4_HDR_LEN+$ip6->getLength)) nps> sr $ip4->raw.$ip6->raw # Sniffing (an IPv6 frame within IPv4 is shown) nps> sniff L2:+ETH: dst:ff:ff:ff:ff:ff:ff src:ff:ff:ff:ff:ff:ff type:0x0800 L3:+IPv4: version:4 hlen:5 tos:0x00 length:60 id:36492 L3: IPv4: flags:0x00 offset:0 ttl:128 protocol:0x29 checksum:0xae0a L3: IPv4: src:127.0.0.1 dst:127.0.0.1 L3:+IPv6: version:6 trafficClass:0x00 flowLabel:0x00000 nextHeader:0x06 L3: IPv6: payloadLength:20 hopLimit:255 L3: IPv6: src:::1 dst:::1 L4:+TCP: src:20692 dst:0 seq:0x7bf55f60 ack:0x0000 L4: TCP: off:0x05 x2:0x0 flags:0x2 win:65535 checksum:0x83b7 urp:0x00 # Sniffing with filter nps> sniff('tcp') # Dsniff tiny implementation nps> dsniff # Dsniff tiny implementation with filter nps> dsniff('tcp and port 110') # Read a pcap file nps> read('file.pcap')
Net::Packet::Shell is, as the name imply, a shell program to use Net::Packet. With it, you will be able to send crafted frames (via Net::Packet::Frame), or send raw data using directly related layers you wish to use.
It is also scriptable, while personaly I prefer to directly use Net::Packet for scripted tasks. You can see examples scripts from examples directory in the source tarball.
The main behaviour of Net::Packet::Shell is driven by a Net::Packet::Env object. I suggest you to read the man page (... now). Basically, the default $Env object used has the following values set: noFramePadding(1), noFrameComputeLengths(0), noFrameComputeChecksums(0), doIPv4Checksum(0).
These default values change when you send a frame with sd2 or sd3 (and sd, we will see that), to comply with kernel restrictions, and hopefully to help the user automate simple tasks. But at the end of the send call, default values will be reset as they were originally.
You can use sr if you want to fully control the sending process. With this method, you simply pass a raw string (and not a Net::Packet::Frame object), and it is directly written at layer 2 on the network. In this case, you are in charge of handling checksums, and lengths of the frame. There are helpers, though.
For a guide on how to use these helpers, see Net::Packet::Frame and Net::Packet::Env.
This is the function to run for starting Net::Packet::Shell. You will then be able to use the following functions. You do not use this function at all if you want to script Net::Packet::Shell. See SYNOPSIS.
You pass a raw string as a parameter, and it is directly written to the network, with no analyze at all. No checksums, no lengths will be computed before sending, you are on your own.
This one is a wrapper around sd2 and sd3. That is, it will use internally sd2 to send frame if it has a layer 2 built-in. If will use internally sd3 if the frame has a layer3 buil-in, and no a layer 2.
After a successfull call to sd, or sd2, or sd3, Net::Packet::Env env object will be reinitialized to default behaviour for Net::Packet::Shell.
Sending frame here will auto-compute checksums and lengths, when implemented in the respective layers. Frame will be sent at layer 2.
Sending frame here will auto-compute checksums and lengths, when implemented in the respective layers. Frame will be sent at layer 3.
You pass a pcap file as a parameter, and it will be decoded and each frames printed to standard output.
This function will sniff the network using the default interface (set by default Net::Packet::Env env object). It will decode each seen frames, and print them to standard output.
You can pass a pcap filter as a parameter to select only the traffic you want.
This is a small implementation of Dug Song's Dsniff tool.
Function packager for various layers. This is equivalent to Net::Packet::Frame. When a frame object is created with various layers, they will be packed, and assembled into a raw string.
If Net::Packet::Env env object has its attributes noFrameComputeChecksums, noFrameComputeLengths, doIPv4Checksum set to true of false values, it will have an impact on the packing of the frame.
So, the packing will compute checksums and lengths, only if you tell it via this Net::Packet::Env env object.
All the following functions handles respective layers. To know more about parameters they take, see respective Net::Packet pod (example for ETH: Net::Packet::ETH).
Net::Packet, Net::Packet::Env, Net::Packet::Frame
Patrice <GomoR> Auffret
Copyright (c) 2006-2010, Patrice <GomoR> Auffret
You may distribute this module under the terms of the Artistic license. See LICENSE.Artistic file in the source distribution archive.
To install Net::Packet::Shell, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Net::Packet::Shell
CPAN shell
perl -MCPAN -e shell install Net::Packet::Shell
For more information on module installation, please visit the detailed CPAN module installation guide.