Small TCP dumb C analyzer, sorts types of packets, and outputs data about certain packets found in TCP dump files. It can also re play an attack.
C
Switch branches/tags
Nothing to show
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
aja
dnet.examples
logs
packets
.gitignore
Makefile
README
USAGE
driver.c
driver.old.c
driver.tmp.1.c
driver.tmp.c
old
parse.c
parse.h
parse_lab.c
proxy.c
proxy.h
readfile.c
tmpdriver

README

C TCP Dump Log Analyzer
Written by Alex Manelis <amanelis@gmail.com>

Description:
This project reads in a TCP dump file. It analyzes it, and 
sorts throught types of packets. Using this it can take this
data to create a three way handshake with a victim machine.

parse.c - 
This was the original attempt at trying to read the packets
and information. Its implementation is not as effective as 
wanted considering I am doing multiple reads. This is why 
the second implementation is the real working one. 

parse_lab.c -
This file correctly reads the data and stores to a buffer.
Working on implementing a packet manipulation function that
will then send out manipulated packets on network. Does not
properly resend packets to make three way hand shake.

driver.c -
This file properly sends packets to network. Working on 
confirming the three way handshake


Dependencies -
1.) ldnet
2.) lpcap
3.) tcpdump, w/ dump file
4.) bit-twist (not implemented yet, in future)

INSTALL & RUNNING -
$>make driver
$>./driver [network log file] [config file]

In the logs/ dir, I have included some TCP dump files you can
demo your executables on. I would try:

$>./driver logs/syn.64.log logs/cfg.alex

PACKETS DIR
This directory was used to generate packets using the program
bit-twist. As for my packet manipulation that is the next library
I will be including in this application.

Demo invocation: 
./driver logs/syn.64.log logs/cfg.alex