Class: PacketFu::TCPHeader

Inherits:
Struct
  • Object
Includes:
StructFu
Defined in:
lib/packetfu/protos/tcp.rb

Overview

TCPHeader is a complete TCP struct, used in TCPPacket. Most IP traffic is TCP-based, by volume.

For more on TCP packets, see www.networksorcery.com/enp/protocol/tcp.htm

Header Definition

Int16        :tcp_src       Default: random 
Int16        :tcp_dst
Int32        :tcp_seq       Default: random
Int32        :tcp_ack
TcpHlen      :tcp_hlen      Default: 5           # Must recalc as options are set. 
TcpReserved  :tcp_reserved  Default: 0
TcpEcn       :tcp_ecn
TcpFlags     :tcp_flags
Int16        :tcp_win,      Default: 0           # WinXP's default syn packet
Int16        :tcp_sum,      Default: calculated  # Must set this upon generation.
Int16        :tcp_urg
TcpOptions   :tcp_opts
String       :body

See also TcpHlen, TcpReserved, TcpEcn, TcpFlags, TcpOpts


Methods included from StructFu

#clone, #set_endianness, #sz, #typecast

Methods inherited from Struct

#force_binary

Constructor Details

#initialize(args = {}) ⇒ TCPHeader

Returns a new instance of TCPHeader.



# File 'lib/packetfu/protos/tcp.rb', line 670

# Builds a TCP header from an options hash keyed by field name.
#
# Defaults applied when a key is absent (or nil/false):
#   :tcp_src      -> the random port cached in @random_src (via tcp_calc_src)
#   :tcp_seq      -> the random value cached in @random_seq (via tcp_calc_seq)
#   :tcp_hlen     -> 5
#   :tcp_reserved -> 0
#   :tcp_win      -> 0x4000
#   :tcp_sum      -> 0
# Every other field is handed to its wrapper class as given.
#
# NOTE(review): rand here is Kernel#rand, a general-purpose PRNG rather than
# a CSPRNG, so the default sequence number and source port should not be
# relied on to be unpredictable. rand(0xffffffff) also never returns
# 0xffffffff itself.
def initialize(args={})
	@random_seq = rand(0xffffffff)
	@random_src = rand_port
	# Members are built in declaration order and passed positionally to Struct.
	fields = [
		Int16.new(args[:tcp_src] || tcp_calc_src),
		Int16.new(args[:tcp_dst]),
		Int32.new(args[:tcp_seq] || tcp_calc_seq),
		Int32.new(args[:tcp_ack]),
		TcpHlen.new(:hlen => (args[:tcp_hlen] || 5)),
		TcpReserved.new(args[:tcp_reserved] || 0),
		TcpEcn.new(args[:tcp_ecn]),
		TcpFlags.new(args[:tcp_flags]),
		Int16.new(args[:tcp_win] || 0x4000),
		Int16.new(args[:tcp_sum] || 0),
		Int16.new(args[:tcp_urg]),
		TcpOptions.new.read(args[:tcp_opts]),
		StructFu::String.new.read(args[:body])
	]
	super(*fields)
end

Instance Attribute Details

#bodyObject

Returns the value of attribute body

Returns:

  • (Object)

    the current value of body



# File 'lib/packetfu/protos/tcp.rb', line 662

# Reader for the body attribute; returns whatever @body currently holds.
def body; @body; end

#flavorObject

Returns the value of attribute flavor.



# File 'lib/packetfu/protos/tcp.rb', line 690

# Reader for the flavor attribute; returns whatever @flavor currently holds.
def flavor; @flavor; end

#tcp_ackObject

Getter for the TCP acknowledgement number.



# File 'lib/packetfu/protos/tcp.rb', line 662

# Reader for the TCP acknowledgement number field.
def tcp_ack; @tcp_ack; end

#tcp_dstObject

Getter for the TCP destination port.



# File 'lib/packetfu/protos/tcp.rb', line 662

# Reader for the TCP destination port field.
def tcp_dst; @tcp_dst; end

#tcp_ecnObject

Getter for the ECN bits.



# File 'lib/packetfu/protos/tcp.rb', line 662

# Reader for the ECN bits field.
def tcp_ecn; @tcp_ecn; end

#tcp_flagsObject

Returns the value of attribute tcp_flags

Returns:

  • (Object)

    the current value of tcp_flags



# File 'lib/packetfu/protos/tcp.rb', line 662

# Reader for the tcp_flags attribute; returns whatever @tcp_flags holds.
def tcp_flags; @tcp_flags; end

#tcp_hlenObject

Getter for the TCP Header Length value.



# File 'lib/packetfu/protos/tcp.rb', line 662

# Reader for the TCP header length field.
def tcp_hlen; @tcp_hlen; end

#tcp_optsObject

Getter for TCP Options.



# File 'lib/packetfu/protos/tcp.rb', line 662

# Reader for the TCP options field.
def tcp_opts; @tcp_opts; end

#tcp_reservedObject

Getter for the TCP Reserved field.



# File 'lib/packetfu/protos/tcp.rb', line 662

# Reader for the TCP reserved field.
def tcp_reserved; @tcp_reserved; end

#tcp_seqObject

Getter for the TCP sequence number.



# File 'lib/packetfu/protos/tcp.rb', line 662

# Reader for the TCP sequence number field.
def tcp_seq; @tcp_seq; end

#tcp_srcObject

Getter for the TCP source port.



# File 'lib/packetfu/protos/tcp.rb', line 662

# Reader for the TCP source port field.
def tcp_src; @tcp_src; end

#tcp_sumObject

Getter for the TCP checksum.



# File 'lib/packetfu/protos/tcp.rb', line 662

# Reader for the TCP checksum field.
def tcp_sum; @tcp_sum; end

#tcp_urgObject

Getter for the TCP urgent field.



# File 'lib/packetfu/protos/tcp.rb', line 662

# Reader for the TCP urgent field.
def tcp_urg; @tcp_urg; end

#tcp_winObject

Getter for the TCP window size number.



# File 'lib/packetfu/protos/tcp.rb', line 662

# Reader for the TCP window size field.
def tcp_win; @tcp_win; end

Instance Method Details

#bits_to_sObject

Helper function to create the string for Hlen, Reserved, ECN, and Flags.



# File 'lib/packetfu/protos/tcp.rb', line 693

# Packs the header length, reserved, ECN and flags fields into the two
# bytes they share on the wire and returns them as a 2-byte string.
#
#   byte 0: (tcp_hlen << 4) + (tcp_reserved << 1) + ecn.n
#   byte 1: (ecn.c << 7) + (ecn.e << 6) + tcp_flags
#
# NOTE(review): the fields are added without masking, and pack("C") keeps
# only the low 8 bits of each sum, so an out-of-range field value is
# silently truncated or bleeds into its neighbour. Presumably the field
# classes constrain their values; confirm.
def bits_to_s
	ecn = self[:tcp_ecn]
	high_byte = (self[:tcp_hlen].to_i << 4) + (self[:tcp_reserved].to_i << 1) + ecn.n.to_i
	low_byte = (ecn.c.to_i << 7) + (ecn.e.to_i << 6) + self[:tcp_flags].to_i
	[high_byte, low_byte].pack("CC")
end

#rand_portObject

Generates a random high port. This is affected by packet flavor.



# File 'lib/packetfu/protos/tcp.rb', line 852

# Picks a random port above the well-known range.
#
# rand(n) returns 0...n, so the result lies in 1025..65534 (65535 is never
# produced). The value comes from Kernel#rand, which is not a CSPRNG.
def rand_port
	lowest = 1025
	lowest + rand(0xffff - lowest)
end

#read(str) ⇒ Object

Reads a string to populate the object.



# File 'lib/packetfu/protos/tcp.rb', line 723

# Populates every header field from a raw binary string and returns self.
# A nil argument leaves the header untouched.
#
# The fixed part is sliced at constant offsets. The options occupy bytes 20
# up to the header length (tcp_hlen * 4), and the body is everything after
# that.
#
# NOTE(review): the header length taken from the input is used unchecked.
# A value below 5 makes the options slice length negative (String#[] then
# returns nil) and starts the body inside the fixed header; an offset past
# the end of str also yields nil. Input shorter than 20 bytes hands nil to
# some field readers as well. Whether those readers tolerate nil is not
# visible here; confirm, or validate the length before parsing captured
# traffic.
def read(str)
	force_binary(str)
	return self if str.nil?
	# [field, offset, length]; hlen, reserved and ecn overlap on byte 12
	# because they share it on the wire.
	[
		[:tcp_src, 0, 2],
		[:tcp_dst, 2, 2],
		[:tcp_seq, 4, 4],
		[:tcp_ack, 8, 4],
		[:tcp_hlen, 12, 1],
		[:tcp_reserved, 12, 1],
		[:tcp_ecn, 12, 2],
		[:tcp_flags, 13, 1],
		[:tcp_win, 14, 2],
		[:tcp_sum, 16, 2],
		[:tcp_urg, 18, 2]
	].each do |field, offset, length|
		self[field].read(str[offset, length])
	end
	header_bytes = self[:tcp_hlen].to_i * 4
	self[:tcp_opts].read(str[20, header_bytes - 20])
	self[:body].read(str[header_bytes, str.size])
	self
end

#tcp_ack_readableObject



# File 'lib/packetfu/protos/tcp.rb', line 919

# Formats the acknowledgement number as "0x" followed by at least eight
# zero-padded lowercase hex digits.
def tcp_ack_readable
	ack = tcp_ack
	"0x%08x" % ack
end

#tcp_calc_hlenObject

Sets and returns the true length of the TCP Header. TODO: Think about making all the option stuff safer.



# File 'lib/packetfu/protos/tcp.rb', line 847

# Recomputes the header length from the current options, stores it in the
# :tcp_hlen member as a new TcpHlen, and returns that TcpHlen.
#
# The length is (20 + tcp_opts_len) / 4, in 32-bit words.
#
# NOTE(review): the division is integer division, so an options length
# that is not a multiple of 4 is rounded down and the stored length then
# undercounts the bytes actually emitted. Nothing here caps the result
# either, while TCP's data offset is a 4-bit field. Presumably callers pad
# and bound the options; confirm.
def tcp_calc_hlen
	words = (20 + tcp_opts_len) / 4
	self[:tcp_hlen] = TcpHlen.new(:hlen => words)
end

#tcp_calc_seqObject

Resets the sequence number to a new random number.



# File 'lib/packetfu/protos/tcp.rb', line 836

# Returns the cached random sequence number (@random_seq). It does not
# draw a new value itself.
def tcp_calc_seq
	@random_seq
end

#tcp_calc_srcObject

Resets the source port to a new random number.



# File 'lib/packetfu/protos/tcp.rb', line 838

# Returns the cached random source port (@random_src). It does not draw a
# new value itself.
def tcp_calc_src
	@random_src
end

#tcp_dportObject

Equivalent to tcp_dst.



# File 'lib/packetfu/protos/tcp.rb', line 886

# Destination port as an Integer (tcp_dst converted with to_i).
def tcp_dport
	port = tcp_dst
	port.to_i
end

#tcp_dport=(arg) ⇒ Object

Equivalent to tcp_dst=.



# File 'lib/packetfu/protos/tcp.rb', line 891

# Alias-style writer: forwards the value to tcp_dst=.
def tcp_dport=(arg)
	self.tcp_dst = arg
end

#tcp_flags_dotmapObject Also known as: tcp_flags_readable

Gets a more readable flags list



# File 'lib/packetfu/protos/tcp.rb', line 862

# Renders the flags as one character per member of tcp_flags, in member
# order: "." when the flag's value equals 0, otherwise the upper-cased
# first letter of the flag's name.
def tcp_flags_dotmap
	tcp_flags.members.map { |name|
		if tcp_flags.send(name) == 0
			"."
		else
			name.to_s.upcase[0].chr
		end
	}.join
end

#tcp_optionsObject

Gets a more readable option list.



# File 'lib/packetfu/protos/tcp.rb', line 857

# Returns the options in readable form, as produced by calling decode on
# the :tcp_opts member.
def tcp_options
	opts = self[:tcp_opts]
	opts.decode
end

#tcp_options=(arg) ⇒ Object

Sets a more readable option list.



# File 'lib/packetfu/protos/tcp.rb', line 871

# Sets the options from their readable form by passing arg to encode on
# the :tcp_opts member.
def tcp_options=(arg)
	opts = self[:tcp_opts]
	opts.encode(arg)
end

#tcp_opts_lenObject

Returns the actual length of the TCP options.



# File 'lib/packetfu/protos/tcp.rb', line 841

# Length of the options once rendered with to_s.
#
# NOTE(review): String#size counts characters, not bytes. The two agree
# only for binary (single-byte) strings; presumably the options string is
# binary, confirm.
def tcp_opts_len
	rendered = self[:tcp_opts].to_s
	rendered.size
end

#tcp_opts_readableObject



# File 'lib/packetfu/protos/tcp.rb', line 931

# Readable form of the options; simply delegates to tcp_options.
def tcp_opts_readable; tcp_options; end

#tcp_recalc(arg = :all) ⇒ Object

Recalculates calculated fields for TCP (except checksum which is at the Packet level).



# File 'lib/packetfu/protos/tcp.rb', line 896

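# Recalculates the derived values of the header. The checksum is not
# handled here.
#
# arg selects what to recompute:
#   :tcp_hlen             - header length, via tcp_calc_hlen
#   :tcp_src, :tcp_sport  - draw a new random source port
#   :tcp_seq              - draw a new random sequence number
#   :all (default)        - all of the above
#
# Raises ArgumentError for any other value.
#
# Fix: the original stored the new random values only in @random_tcp_src
# and @random_tcp_seq, while initialize, tcp_calc_src and tcp_calc_seq use
# @random_src and @random_seq, so a recalc never changed what tcp_calc_src
# or tcp_calc_seq return. Both names are now assigned; the old ones are
# kept so anything that read them still works.
#
# Note that this only refreshes the cached random values. It does not write
# to the :tcp_src or :tcp_seq members.
def tcp_recalc(arg=:all)
	case arg
	when :tcp_hlen
		tcp_calc_hlen
	when :tcp_src, :tcp_sport
		@random_src = @random_tcp_src = rand_port
	when :tcp_seq
		@random_seq = @random_tcp_seq = rand(0xffffffff)
	when :all
		tcp_calc_hlen
		@random_src = @random_tcp_src = rand_port
		@random_seq = @random_tcp_seq = rand(0xffffffff)
	else
		raise ArgumentError, "No such field `#{arg}'"
	end
end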

#tcp_seq_readableObject



# File 'lib/packetfu/protos/tcp.rb', line 923

# Formats the sequence number as "0x" followed by at least eight
# zero-padded lowercase hex digits.
def tcp_seq_readable
	seq = tcp_seq
	"0x%08x" % seq
end

#tcp_sportObject

Equivalent to tcp_src.



# File 'lib/packetfu/protos/tcp.rb', line 876

# Source port as an Integer (tcp_src converted with to_i).
def tcp_sport
	port = tcp_src
	port.to_i
end

#tcp_sport=(arg) ⇒ Object

Equivalent to tcp_src=.



# File 'lib/packetfu/protos/tcp.rb', line 881

# Alias-style writer: forwards the value to tcp_src=.
def tcp_sport=(arg)
	self.tcp_src = arg
end

#tcp_sum_readableObject



# File 'lib/packetfu/protos/tcp.rb', line 927

# Formats the checksum as "0x" followed by at least four zero-padded
# lowercase hex digits.
def tcp_sum_readable
	sum = tcp_sum
	"0x%04x" % sum
end

#to_sObject

Returns the object in string form.



# File 'lib/packetfu/protos/tcp.rb', line 705

# Serialises the header by concatenating the string form of each member in
# order.
#
# The TcpHlen member is replaced by the two bytes from bits_to_s, which
# already include the reserved, ECN and flags bits. The TcpReserved, TcpEcn
# and TcpFlags members therefore contribute nothing themselves (nil joins
# as an empty string).
def to_s
	pieces = to_a.map do |member|
		case member
		when TcpHlen
			bits_to_s
		when TcpReserved, TcpEcn, TcpFlags
			nil
		else
			member.to_s
		end
	end
	pieces.flatten.join
end