Documentation ¶
Index ¶
- Constants
- Variables
- func EstablishConnectionAndSendPayload(nwInterface string, dstIPAddr []byte, dstPort uint16, payload []byte) error
- func EstablishConnectionAndSendPayloadXxx(ctx context.Context, nwInterface string, fEthrh *EthernetHeader, fIpv4 *IPv4, ...) error
- func ExecCommand(command string, args ...string) (string, error)
- func ExecIP(args ...string) (string, error)
- func ExecIPNeigh(args ...string) (string, error)
- func ExecIPRoute(args ...string) (string, error)
- func GetDefaultRouteIP() (string, error)
- func GetDefaultRouteMAC() (string, error)
- func IsDNSRequest(flags uint16) bool
- func IsDNSResponse(flags uint16) bool
- func NewTLSApplicationData(data []byte, keyblock *KeyBlock, clientSequence int) []byte
- func NewTLSClientKeyExchangeAndChangeCipherSpecAndFinished(clientHello *TLSClientHello, serverHello *TLSServerHello) (*TLSClientKeyExchange, *KeyBlock, int, []byte, []byte)
- func Options() []byte
- func OptionsOfAck() []byte
- func OptionsOfhttp() []byte
- func StrHexToBytes(s string) ([]byte, error)
- func StrHexToBytes2(s string) ([]byte, error)
- func StrHexToBytes3(s string) (byte, error)
- func StrIPToBytes(s string) ([]byte, error)
- func StrIntToUint16(s string) (uint16, error)
- func WriteUint16(buf *bytes.Buffer, target uint16)
- func WriteUint32(buf *bytes.Buffer, target uint32)
- type ARP
- type Answer
- type Certificate
- type ChangeCipherSpecAndFinished
- type ChangeCipherSpecProtocol
- type ClientKeyExchange
- type DNS
- type EncryptedHandshakeMessage
- type EthernetFrame
- type EthernetHeader
- type Finished
- type ForVerifing
- type HTTP
- type HTTPResponse
- type HTTPResponseHeader
- type HardwareAddr
- type ICMP
- type IPv4
- type IPv6
- type KeyBlock
- type Mss
- type NetworkInterface
- type NetworkInterfaceForTCP
- type NoOperation
- type Passive
- type Queries
- type RSAEncryptedPreMasterSecret
- type SackPermitted
- type ServerHello
- type ServerHelloDone
- type TCP
- func NewTCPAck(srcPort, dstPort uint16, prevSequence uint32, prevAcknowledgment uint32) *TCP
- func NewTCPAckForPassiveData(srcPort, dstPort uint16, prevSequence uint32, prevAcknowledgment uint32, ...) *TCP
- func NewTCPFinAck(srcPort, dstPort uint16, prevSequence uint32, prevAcknowledgment uint32) *TCP
- func NewTCPSyn(srcPort, dstPort uint16) *TCP
- func NewTCPWithData(srcPort, dstPort uint16, data []byte, prevSequence uint32, ...) *TCP
- func ParsedTCP(payload []byte) *TCP
- type TLSApplicationData
- type TLSClientHello
- type TLSClientKeyExchange
- type TLSHandshakeProtocol
- type TLSRecordLayer
- type TLSServerHello
- type Timestamps
- type UDP
- type WindowScale
Constants ¶
const ( ARP_OPERATION_CODE_REQUEST = 0x0001 ARP_OPERATION_CODE_REPLY = 0x0002 )
const ( DNS_QR_REQUEST = 0x0000 DNS_QR_RESPONSE = 0x8000 )
https://datatracker.ietf.org/doc/html/rfc1035#section-4.1.1 の「QR」 関連: https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-5 の「Opcode」の逆引きは廃止(IQuery (Inverse Query, OBSOLETE))
const ( DNS_QUERY_TYPE_A = 0x0001 DNS_QUERY_TYPE_AAAA = 0x001c )
const ( IPv4_PROTO_ICMP uint8 = 0x01 IPv4_PROTO_TCP uint8 = 0x06 IPv4_PROTO_UDP uint8 = 0x11 )
const ( IPv6_NEXT_HEADER_UDP = 0x11 IPv6_NEXT_HEADER_ICMPv6 = 0x3a )
const ( // 最後0付けてるけど、Wireshark上だと不要。受信時、TCP.Flags を4bit左シフトしてるからここでも付けてる TCP_FLAGS_SYN = 0x0020 TCP_FLAGS_SYN_ACK = 0x0120 TCP_FLAGS_ACK = 0x0100 TCP_FLAGS_FIN_ACK = 0x0110 TCP_FLAGS_PSH_ACK = 0x0180 // データを上位層へ渡してという信号 TCP_FLAGS_FIN_PSH_ACK = 0x0190 )
const ARP_HARDWARE_TYPE_THERNET = 0x0001
const ARP_PROTO_TYPE_IPv4 = 0x0800
const CLIENT_HELLO = 0x01
const COMMAND_IP = "ip"
const COMPRESSION_METHOD_NULL = 0x00
const (
DNS_QUERY_CLASS_IN = 0x0001
)
const ETHER_TYPE_ARP uint16 = 0x0806
const ETHER_TYPE_IPv4 uint16 = 0x0800
const ETHER_TYPE_IPv6 uint16 = 0x86dd
const (
ICMP_TYPE_REQUEST = 0x08
)
const PORT_DNS = 0x0035 // 53
const (
PORT_HTTP = 0x0050
)
const TLS_CONTENT_TYPE_APPLICATION_DATA = 0x17
const TLS_CONTENT_TYPE_CHANGE_CIPHER_SPEC = 0x14
const TLS_CONTENT_TYPE_HANDSHAKE = 0x16
const TLS_HANDSHAKE_TYPE_CLIENT_KEY_EXCHANGE = 0x10
const TLS_HANDSHAKE_TYPE_FINISHED = 0x14
Variables ¶
var IPv4Protocols = map[uint8]string{ IPv4_PROTO_ICMP: "ICMP", IPv4_PROTO_TCP: "TCP", IPv4_PROTO_UDP: "UDP", }
var KeyLable = []byte("key expansion")
var MasterSecretLable = []byte("master secret")
var TLS_VERSION_1_2 = []byte{0x03, 0x03}
Functions ¶
func EstablishConnectionAndSendPayload ¶
func EstablishConnectionAndSendPayload(nwInterface string, dstIPAddr []byte, dstPort uint16, payload []byte) error
with tcp 3 way handshake
func EstablishConnectionAndSendPayloadXxx ¶ added in v0.0.3
func EstablishConnectionAndSendPayloadXxx(ctx context.Context, nwInterface string, fEthrh *EthernetHeader, fIpv4 *IPv4, fTcp *TCP, fHttp *HTTP) error
このなかで、ログ出力などしないこと。Monitor の下に出てくる 挙動を詳細に確認する場合は、internal内の SendTCP3wayhandshake 関数でやること TODO: 対向からRST,RST/ACKが来た時にreturnするようにする TODO: http専用になっちゃってるから、他のプロトコルでも使えるよう汎用的にする
func ExecIPNeigh ¶
func ExecIPRoute ¶
func GetDefaultRouteIP ¶
func GetDefaultRouteMAC ¶
func IsDNSRequest ¶ added in v1.0.8
func IsDNSResponse ¶ added in v1.0.8
func NewTLSApplicationData ¶ added in v1.0.3
func NewTLSClientKeyExchangeAndChangeCipherSpecAndFinished ¶ added in v1.0.3
func NewTLSClientKeyExchangeAndChangeCipherSpecAndFinished(clientHello *TLSClientHello, serverHello *TLSServerHello) (*TLSClientKeyExchange, *KeyBlock, int, []byte, []byte)
func OptionsOfhttp ¶
func OptionsOfhttp() []byte
http getリクエスト時のtcp optionを覗いて https://atmarkit.itmedia.co.jp/ait/articles/0401/29/news080_2.html 「オプション」フィールド:32bit単位で可変長
func StrHexToBytes ¶ added in v1.0.0
TODO: rename or refactor
func StrHexToBytes2 ¶ added in v1.0.0
TODO: rename or refactor
func StrHexToBytes3 ¶ added in v1.0.0
TODO: rename or refactor
func StrIPToBytes ¶ added in v1.0.0
stringのIPv4アドレスをbytesに変換
func StrIntToUint16 ¶ added in v1.0.0
func WriteUint16 ¶
func WriteUint32 ¶
Types ¶
type ARP ¶
type ARP struct { HardwareType uint16 ProtocolType uint16 HardwareAddrLength uint8 ProtocolLength uint8 Operation uint16 SenderHardwareAddr HardwareAddr SenderIPAddr uint32 TargetHardwareAddr HardwareAddr TargetIPAddr uint32 }
https://ja.wikipedia.org/wiki/Address_Resolution_Protocol#%E3%83%91%E3%82%B1%E3%83%83%E3%83%88%E6%A7%8B%E9%80%A0 https://beginners-network.com/supplement/arp_packet_format.html
func NewARPReply ¶ added in v1.0.0
func NewARPReply(sMACAdder HardwareAddr, sIPAddr uint32, tMACAddr HardwareAddr, tIPAddr uint32) *ARP
func NewARPRequest ¶ added in v1.0.0
func NewARPRequest(sMACAdder HardwareAddr, sIPAddr uint32, tMACAddr HardwareAddr, tIPAddr uint32) *ARP
type Certificate ¶ added in v1.0.3
type Certificate struct { RecordLayer *TLSRecordLayer HandshakeProtocol *TLSHandshakeProtocol CertificatesLength []byte Certificates []byte // TODO: ここ更にフィールドあった // contains filtered or unexported fields }
func (*Certificate) Bytes ¶ added in v1.0.3
func (c *Certificate) Bytes() []byte
func (*Certificate) ServerPublicKey ¶ added in v1.0.3
func (c *Certificate) ServerPublicKey() *rsa.PublicKey
func (*Certificate) Validate ¶ added in v1.0.3
func (c *Certificate) Validate() error
ref: https://zenn.dev/satoken/articles/golang-tls1_2#serverhello%2C-certificate%2C-serverhellodone
type ChangeCipherSpecAndFinished ¶ added in v1.0.3
type ChangeCipherSpecAndFinished struct { ChangeCipherSpecProtocol *ChangeCipherSpecProtocol Finished *Finished }
func ParsedTLSChangeCipherSpecAndFinished ¶ added in v1.0.3
func ParsedTLSChangeCipherSpecAndFinished(b []byte, keyblock *KeyBlock, clientSequenceNum int, verifyingData *ForVerifing) *ChangeCipherSpecAndFinished
type ChangeCipherSpecProtocol ¶ added in v1.0.3
type ChangeCipherSpecProtocol struct { RecordLayer *TLSRecordLayer ChangeCipherSpecMessage []byte }
func (*ChangeCipherSpecProtocol) Bytes ¶ added in v1.0.3
func (cc *ChangeCipherSpecProtocol) Bytes() []byte
type ClientKeyExchange ¶ added in v1.0.3
type ClientKeyExchange struct { RecordLayer *TLSRecordLayer HandshakeProtocol *TLSHandshakeProtocol RSAEncryptedPreMasterSecret *RSAEncryptedPreMasterSecret }
func (*ClientKeyExchange) Bytes ¶ added in v1.0.3
func (c *ClientKeyExchange) Bytes() []byte
type DNS ¶
type DNS struct { TransactionID uint16 Flags uint16 // TODO: ここにビット単位で意味があるから、structにして管理したい Questions uint16 AnswerRRs uint16 AuthorityRRs uint16 AdditionalRRs uint16 Queries *Queries Answers []*Answer }
https://atmarkit.itmedia.co.jp/ait/articles/1601/29/news014.html 上記とパケットキャプチャ見てイメージがつく、domain
func ParsedDNSRequest ¶
func ParsedDNSResponse ¶
type EncryptedHandshakeMessage ¶ added in v1.0.3
type EncryptedHandshakeMessage struct { RecordLayer *TLSRecordLayer EncryptedHandshakeMessage_ []byte }
func (*EncryptedHandshakeMessage) Bytes ¶ added in v1.0.3
func (e *EncryptedHandshakeMessage) Bytes() []byte
type EthernetFrame ¶
type EthernetFrame struct { Header *EthernetHeader Data []byte }
func NewEthernetFrame ¶
func NewEthernetFrame(dst HardwareAddr, src HardwareAddr, typ uint16, payload []byte) *EthernetFrame
func ParsedEthernetFrame ¶
func ParsedEthernetFrame(b []byte) *EthernetFrame
func (*EthernetFrame) Bytes ¶
func (ef *EthernetFrame) Bytes() []byte
type EthernetHeader ¶
type EthernetHeader struct { Dst HardwareAddr Src HardwareAddr Typ uint16 }
type Finished ¶ added in v1.0.3
type Finished struct { RecordLayer *TLSRecordLayer RawEncrypted []byte }
type ForVerifing ¶ added in v1.0.3
type ForVerifing struct { Master []byte ClientHello *TLSClientHello ServerHello *TLSServerHello ClientKeyExchange *ClientKeyExchange ClientFinished []byte // 暗号化前の }
type HTTP ¶
type HTTP struct { Method string Uri string Version string Host string UserAgent string Accept string ContentLength string Body string }
func ParsedHTTPRequest ¶
type HTTPResponse ¶
type HTTPResponse struct { StatusLine string Header *HTTPResponseHeader Body []byte // contains filtered or unexported fields }
func ParsedHTTPResponse ¶
func ParsedHTTPResponse(payload []byte) *HTTPResponse
TODO: 多分このあたりバグってる。Monitor の http response の hexadecimal dump と Wireshark で異なる
func (*HTTPResponse) Bytes ¶ added in v1.0.7
func (hr *HTTPResponse) Bytes() []byte
func (*HTTPResponse) Len ¶ added in v0.0.3
func (h *HTTPResponse) Len() int
type HTTPResponseHeader ¶ added in v0.0.3
func (*HTTPResponseHeader) Bytes ¶ added in v1.0.7
func (hrh *HTTPResponseHeader) Bytes() []byte
type HardwareAddr ¶
type HardwareAddr [6]uint8
func (*HardwareAddr) String ¶ added in v1.0.0
func (h *HardwareAddr) String() string
type ICMP ¶
type ICMP struct { Typ uint8 Code uint8 Checksum uint16 Identifier uint16 Sequence uint16 Data []byte }
https://www.infraexpert.com/study/tcpip4.html https://inc0x0.com/icmp-ip-packets-ping-manually-create-and-send-icmp-ip-packets/
func ParsedICMP ¶
func (*ICMP) CalculateChecksum ¶
copy from https://cs.opensource.google/go/x/net/+/master:icmp/message.go
type IPv4 ¶
type IPv4 struct { Version uint8 // 4bit Ihl uint8 // 4bit. hearder length Tos uint8 // 8bit. type of service TotalLength uint16 // 16bit. total length Identification uint16 // 16bit Flags uint8 // 3bit FragmentOffset uint16 // 13bit Ttl uint8 // 8bit Protocol uint8 // 8bit HeaderChecksum uint16 // 16bit SrcAddr uint32 // 32bit DstAddr uint32 // 32bit Options []uint8 Padding []uint8 Data []byte }
https://www.infraexpert.com/study/tcpip1.html
func ParsedIPv4 ¶
func (*IPv4) CalculateTotalLength ¶
func (i *IPv4) CalculateTotalLength()
func (*IPv4) StrDstIPAddr ¶ added in v1.0.0
func (*IPv4) StrSrcIPAddr ¶ added in v1.0.0
type IPv6 ¶ added in v0.0.2
type IPv6 struct { Version uint8 // 4bit TrafficClass uint8 FlowLabel uint32 // 20bit PayloadLength uint16 NextHeader uint8 HopLimit uint8 SrcAddr []uint8 DstAddr []uint8 Option []uint8 Data []byte }
https://atmarkit.itmedia.co.jp/ait/articles/1201/05/news113.html
func ParsedIPv6 ¶ added in v0.0.2
func (*IPv6) StrDstIPAddr ¶ added in v1.0.0
func (*IPv6) StrSrcIPAddr ¶ added in v1.0.0
type NetworkInterface ¶
type NetworkInterface struct { Intf *net.Interface Socket int // file discripter SocketAddr unix.SockaddrLinklayer IPAdder uint32 PassiveCh chan *Passive }
func NewNetworkInterface ¶
func NewNetworkInterface(nwInterface string) (*NetworkInterface, error)
func (*NetworkInterface) Close ¶
func (nw *NetworkInterface) Close() error
func (*NetworkInterface) Send ¶
func (nw *NetworkInterface) Send(ethernetFrame *EthernetFrame) error
type NetworkInterfaceForTCP ¶
type NetworkInterfaceForTCP struct {
Socket int
}
func NewNetworkInterfaceForTCP ¶
func NewNetworkInterfaceForTCP(nwInterface string) (*NetworkInterfaceForTCP, error)
func (*NetworkInterfaceForTCP) Close ¶
func (nwt *NetworkInterfaceForTCP) Close() error
func (*NetworkInterfaceForTCP) Connect ¶
func (nwt *NetworkInterfaceForTCP) Connect(dstIPAddr []byte, dstPort uint16) error
type NoOperation ¶
type NoOperation struct {
Kind uint8
}
type Passive ¶
type Passive struct { HTTPRes *HTTPResponse HTTP *HTTP DNS *DNS TCP *TCP UDP *UDP ICMP *ICMP IPv4 *IPv4 IPv6 *IPv6 ARP *ARP EthernetFrame *EthernetFrame }
func ParsedPacket ¶
func (*Passive) HighLayerProto ¶
type RSAEncryptedPreMasterSecret ¶ added in v1.0.3
type RSAEncryptedPreMasterSecret struct { EncryptedPreMasterLength []byte EncryptedPreMaster []byte }
func (*RSAEncryptedPreMasterSecret) Bytes ¶ added in v1.0.3
func (r *RSAEncryptedPreMasterSecret) Bytes() []byte
type SackPermitted ¶
type ServerHello ¶ added in v1.0.3
type ServerHello struct { RecordLayer *TLSRecordLayer HandshakeProtocol *TLSHandshakeProtocol }
func (*ServerHello) Bytes ¶ added in v1.0.3
func (s *ServerHello) Bytes() []byte
type ServerHelloDone ¶ added in v1.0.3
type ServerHelloDone struct { RecordLayer *TLSRecordLayer HandshakeProtocol *TLSHandshakeProtocol }
func (*ServerHelloDone) Bytes ¶ added in v1.0.3
func (sd *ServerHelloDone) Bytes() []byte
type TCP ¶
type TCP struct { SrcPort uint16 DstPort uint16 Sequence uint32 Acknowledgment uint32 // HeaderLength uint8 HeaderLength uint16 Flags uint16 // flagsをセットする用の関数あったほうがいいかも? Window uint16 Checksum uint16 UrgentPointer uint16 Options []byte // optionsをセットする用の関数あった方がいいかも? Data []byte }
func NewTCPAckForPassiveData ¶ added in v0.0.3
func NewTCPAckForPassiveData(srcPort, dstPort uint16, prevSequence uint32, prevAcknowledgment uint32, tcpPayloadLength int) *TCP
tcpパケット連続で送るときは port 変えること
func NewTCPFinAck ¶ added in v0.0.3
tcpパケット連続で送るときは port 変えること
func NewTCPWithData ¶
func NewTCPWithData(srcPort, dstPort uint16, data []byte, prevSequence uint32, prevAcknowledgment uint32) *TCP
tcpパケット連続で送るときは port 変えること
func (*TCP) CalculateChecksum ¶ added in v0.0.3
https://atmarkit.itmedia.co.jp/ait/articles/0401/29/news080_2.html 「「チェックサム」フィールド:16bit幅」
type TLSApplicationData ¶ added in v1.0.3
type TLSApplicationData struct { RecordLayer *TLSRecordLayer EncryptedApplicationData []byte }
こちらで作る分にはこのstructは不要
func (*TLSApplicationData) Bytes ¶ added in v1.0.3
func (a *TLSApplicationData) Bytes() []byte
type TLSClientHello ¶ added in v1.0.3
type TLSClientHello struct { RecordLayer *TLSRecordLayer HandshakeProtocol *TLSHandshakeProtocol }
func NewTLSClientHello ¶ added in v1.0.3
func NewTLSClientHello() *TLSClientHello
func (*TLSClientHello) Bytes ¶ added in v1.0.3
func (tch *TLSClientHello) Bytes() []byte
type TLSClientKeyExchange ¶ added in v1.0.3
type TLSClientKeyExchange struct { ClientKeyExchange *ClientKeyExchange ChangeCipherSpecProtocol *ChangeCipherSpecProtocol EncryptedHandshakeMessage []byte }
func (*TLSClientKeyExchange) Bytes ¶ added in v1.0.3
func (tlsclientkeyexchange *TLSClientKeyExchange) Bytes() []byte
type TLSHandshakeProtocol ¶ added in v1.0.3
type TLSHandshakeProtocol struct { HandshakeType []byte Length []byte Version []byte Random []byte SessionID []byte CipherSuitesLength []byte CipherSuites []uint16 // ref: https://tls12.xargs.org/#client-hello/annotated [Ciper Suites] CompressionMethodsLength []byte CompressionMethods []byte ExtensionsLength []byte Extentions []byte // サイト見ると結構種類有りそう }
func (*TLSHandshakeProtocol) Bytes ¶ added in v1.0.3
func (p *TLSHandshakeProtocol) Bytes(isFromServer bool) []byte
type TLSRecordLayer ¶ added in v1.0.3
ref: https://tls12.xargs.org/#client-hello/annotated 以降のstructのフィールドはWiresharkを見つつ補完
func (*TLSRecordLayer) Bytes ¶ added in v1.0.3
func (l *TLSRecordLayer) Bytes() []byte
type TLSServerHello ¶ added in v1.0.3
type TLSServerHello struct { ServerHello *ServerHello Certificate *Certificate ServerHelloDone *ServerHelloDone }
func ParsedTLSServerHello ¶ added in v1.0.3
func ParsedTLSServerHello(b []byte) *TLSServerHello
func (*TLSServerHello) Bytes ¶ added in v1.0.3
func (tlsserverhello *TLSServerHello) Bytes() []byte