Class: PacketFu::ICMPPacket

Inherits:
Packet
  • Object
show all
Defined in:
lib/packetfu/protos/icmp.rb

Overview

ICMPPacket is used to construct ICMP Packets. They contain an EthHeader, an IPHeader, and a ICMPHeader.

Example

icmp_pkt.new
icmp_pkt.icmp_type = 8
icmp_pkt.icmp_code = 0
icmp_pkt.payload = "ABC, easy as 123. As simple as do-re-mi. ABC, 123, baby, you and me!"

icmp_pkt.ip_saddr="1.2.3.4"
icmp_pkt.ip_daddr="5.6.7.8"

icmp_pkt.recalc 
icmp_pkt.to_f('/tmp/icmp.pcap')

Parameters

:eth
 A pre-generated EthHeader object.
:ip
 A pre-generated IPHeader object.
:flavor
 TODO: Sets the "flavor" of the ICMP packet. Pings, in particular, often betray their true
 OS.
:config
 A hash of return address details, often the output of Utils.whoami?

Instance Attribute Summary collapse

Attributes inherited from Packet

#flavor, #headers, #iface, #inspect_style

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from Packet

#==, #clone, #dissect, #dissection_table, force_binary, #handle_is_identity, #hexify, inherited, #inspect, #inspect_hex, #kind_of?, layer, #layer, #layer_symbol, layer_symbol, #method_missing, #orig_kind_of?, parse, #payload, #payload=, #peek, #proto, #recalc, #respond_to?, #size, #to_f, #to_pcap, #to_s, #to_w, #write

Constructor Details

#initialize(args = {}) ⇒ ICMPPacket

Returns a new instance of ICMPPacket.



144
145
146
147
148
149
150
151
152
153
154
155
 
# File 'lib/packetfu/protos/icmp.rb', line 144

def initialize(args={})
  @eth_header = EthHeader.new(args).read(args[:eth])
  @ip_header = IPHeader.new(args).read(args[:ip])
  @ip_header.ip_proto = 1
  @icmp_header = ICMPHeader.new(args).read(args[:icmp])

  @ip_header.body = @icmp_header
  @eth_header.body = @ip_header

  @headers = [@eth_header, @ip_header, @icmp_header]
  super
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method in the class PacketFu::Packet

Instance Attribute Details

#eth_headerObject

Returns the value of attribute eth_header.



123
124
125
 
# File 'lib/packetfu/protos/icmp.rb', line 123

def eth_header
  @eth_header
end

#icmp_headerObject

Returns the value of attribute icmp_header.



123
124
125
 
# File 'lib/packetfu/protos/icmp.rb', line 123

def icmp_header
  @icmp_header
end

#ip_headerObject

Returns the value of attribute ip_header.



123
124
125
 
# File 'lib/packetfu/protos/icmp.rb', line 123

def ip_header
  @ip_header
end

Class Method Details

.can_parse?(str) ⇒ Boolean

Returns:

  • (Boolean) 


125
126
127
128
129
130
131
 
# File 'lib/packetfu/protos/icmp.rb', line 125

def self.can_parse?(str)
  return false unless str.size >= 54
  return false unless EthPacket.can_parse? str
  return false unless IPPacket.can_parse? str
  return false unless str[23,1] == "\x01"
  return true
end

Instance Method Details

#peek_formatObject

Peek provides summary data on packet contents.



158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
 
# File 'lib/packetfu/protos/icmp.rb', line 158

def peek_format
  peek_data = ["IC "] # I is taken by IP
  peek_data << "%-5d" % self.to_s.size
  type = case self.icmp_type.to_i
         when 8
           "ping"
         when 0
           "pong"
         else
           "%02x-%02x" % [self.icmp_type, self.icmp_code]
         end
  peek_data << "%-21s" % "#{self.ip_saddr}:#{type}"
  peek_data << "->"
  peek_data << "%21s" % "#{self.ip_daddr}"
  peek_data << "%23s" % "I:"
  peek_data << "%04x" % self.ip_id
  peek_data.join
end

#read(str = nil, args = {}) ⇒ Object 



133
134
135
136
137
138
139
140
141
142
 
# File 'lib/packetfu/protos/icmp.rb', line 133

def read(str=nil, args={})
  raise "Cannot parse `#{str}'" unless self.class.can_parse?(str)
  @eth_header.read(str)
  @ip_header.read(str[14,str.size])
  @eth_header.body = @ip_header
  @icmp_header.read(str[14+(@ip_header.ip_hlen),str.size])
  @ip_header.body = @icmp_header
  super(args)
  self
end