Packet monster, or Packémon for short! (っ‘-’)╮=͟͟͞͞◒ ヽ( '-'ヽ)
TUI tool and Go library for sending packets of arbitrary input and monitoring packets on any network interface (default: eth0). This tool is not available for Windows and macOS. I have confirmed that it works on Debian on WSL2.
I intend to develop it patiently🌴
This TUI tool has two major functions: packet generation and packet monitoring.
This image shows packemon running in Generator / Monitor mode.
The DNS query packet generated by the Generator on the left is shown in the 27th line of the Monitor. The DNS query response packet is shown in the 28th line, and a more detailed view of it is shown in the image below.
Packemon's Monitor allows the user to select each packet by pressing the Enter key. Then, select any line and press the Enter key to see the details of the desired packet. Pressing the Esc key in the packet detail screen will return you to the original packet list screen.
- Send generated packets to any network interface.
  - You can specify the network interface with the --interface flag. Default is eth0.
- The following types of packets are covered.
  - Ethernet
  - ARP (WIP)
  - IPv4 (WIP)
  - ICMP (WIP)
  - TCP (WIP)
  - UDP (WIP)
  - DNS (WIP)
  - HTTP (WIP)
  - xxxxx....
- Monitor any network interface.
  - You can specify the network interface with the --interface flag. Default is eth0.
- The following types of packets are covered.
  - Ethernet
  - ARP
  - IPv4 (WIP)
  - ICMP (WIP)
  - TCP (WIP)
  - UDP
  - DNS (WIP)
    - DNS query
    - DNS query response
    - xxxxx....
  - HTTP (WIP)
    - HTTP GET request
    - HTTP GET response
    - xxxxx....
  - xxxxx....
Go
$ go install github.com/ddddddO/packemon/cmd/packemon@latest

deb
$ export PACKEMON_VERSION=X.X.X
$ curl -o packemon.deb -L https://github.com/ddddddO/packemon/releases/download/v$PACKEMON_VERSION/packemon_$PACKEMON_VERSION-1_amd64.deb
$ dpkg -i packemon.deb

rpm
$ export PACKEMON_VERSION=X.X.X
$ yum install https://github.com/ddddddO/packemon/releases/download/v$PACKEMON_VERSION/packemon_$PACKEMON_VERSION-1_amd64.rpm

apk
$ export PACKEMON_VERSION=X.X.X
$ curl -o packemon.apk -L https://github.com/ddddddO/packemon/releases/download/v$PACKEMON_VERSION/packemon_$PACKEMON_VERSION-1_amd64.apk
$ apk add --allow-untrusted packemon.apk
- Packet Generator
  sudo packemon --send
- Packet Monitor
  sudo packemon
- netcat
- Nmap
-
- Packemon is using this TUI library.
-
- The way Go handles syscalls, packet checksum logic, etc. was helpful. This is a book in Japanese.
xxx
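- 「Golangで作るソフトウェアルータ」 ("A Software Router Built with Golang")
  - Its implementation code: https://github.com/sat0ken/go-curo
- Reference for the commands used to verify operation
- Worked on Debian on WSL2.
- You can easily build arbitrary Ethernet headers / IPv4 headers / ARP / ICMP and send the frames.
- Below, the form screens for the various headers are shown in a tmux window split into three panes. An ICMP echo request was then sent, and Wireshark was used to confirm that an echo reply came back.
- Using https://github.com/rivo/tview as the TUI library 🙇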
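The ICMP echo request / echo reply check described above, as an added Go example that is not packemon's own code: it builds the ICMP message with the RFC 1071 checksum and validates a reply against the request. The function names (checksum, icmpEcho, isReplyTo) and the sample identifier, sequence number and payload are assumptions made for this example.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"fmt"
)

// checksum computes the RFC 1071 Internet checksum that ICMP (and IPv4) use.
func checksum(b []byte) uint16 {
	var sum uint32
	for i := 0; i+1 < len(b); i += 2 {
		sum += uint32(binary.BigEndian.Uint16(b[i:]))
	}
	if len(b)%2 == 1 { // odd length: treat the missing byte as zero
		sum += uint32(b[len(b)-1]) << 8
	}
	for sum>>16 != 0 { // fold carries back into the low 16 bits
		sum = (sum & 0xffff) + (sum >> 16)
	}
	return ^uint16(sum)
}

// icmpEcho builds an ICMP echo message: typ 8 is a request, typ 0 a reply.
func icmpEcho(typ byte, id, seq uint16, payload []byte) []byte {
	m := make([]byte, 8+len(payload))
	m[0] = typ // code (m[1]) stays 0
	binary.BigEndian.PutUint16(m[4:], id)
	binary.BigEndian.PutUint16(m[6:], seq)
	copy(m[8:], payload)
	binary.BigEndian.PutUint16(m[2:], checksum(m)) // field is zero while summing
	return m
}

// isReplyTo reports whether rep is an intact echo reply answering req: its checksum
// verifies (summing a correct message gives 0) and id, seq and payload are echoed.
func isReplyTo(req, rep []byte) bool {
	ok := len(req) >= 8 && len(rep) >= 8 && checksum(rep) == 0
	return ok && rep[0] == 0 && rep[1] == 0 && bytes.Equal(rep[4:], req[4:])
}

func main() {
	req := icmpEcho(8, 0x1234, 1, []byte("packemon")) // constructed sample values
	rep := icmpEcho(0, 0x1234, 1, []byte("packemon")) // what a peer would send back
	fmt.Printf("request: % x\nreply ok: %v\n", req, isReplyTo(req, rep))
	rep[len(rep)-1] ^= 0x01 // flip one bit, as corruption in transit would
	fmt.Println("corrupted reply ok:", isReplyTo(req, rep))
}
```

The bytes printed for the request are the ICMP portion only; they can be compared field by field with the ICMP section of the same packet in Wireshark or in the Monitor's detail view.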
pi@raspberrypi:~ $ sudo go run main.go
$ sudo tcpdump -U -i eth0 -w - | /mnt/c/Program\ Files/Wireshark/Wireshark.exe -k -i -
- Receive screen
  $ sudo go run cmd/packemon/main.go
- Send screen
  $ sudo go run cmd/packemon/main.go --send
- Command to send a single frame (e.g. ARP request)
  $ sudo go run cmd/packemon/main.go --debug --send --proto arp
$ arping -c 1 1.2.3.4
ARPING 1.2.3.4 from 172.23.242.78 eth0
Sent 1 probes (1 broadcast(s))
Received 0 response(s)
$ nslookup -vc github.com
What to do about this
$ ip -6 route
$ ping -c 1 fe80::1