Nemesis
Published: 2019-05-08


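Nemesis is a packet generation and crafting tool. An attacker can use it to forge packets in order to compromise, damage, or fool systems or devices. Its components are nemesis-arp, nemesis-dns, nemesis-icmp, nemesis-igmp, nemesis-ospf, nemesis-rip, nemesis-tcp and nemesis-udp, each designed to build and send one specific type of packet. Its support for protocols such as OSPF and IGMP is what really sets Nemesis apart from similar tools.

nemesis: a tool for crafting all kinds of ICMP packets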


nemesis can be used to craft almost any type of packet. Download link

QUOTE:

       The  Nemesis  Project  is designed to be a command line-based, portable human IP stack for UNIX-like
       and Windows systems.  The suite is broken down by protocol, and should allow for useful scripting of
       injected packets from simple shell scripts.

       nemesis  provides an interface to craft and inject a variety of arbitrary packet types.  Nemesis
       supports the following protocols:

       arp
       dns
       ethernet
       icmp
       igmp
       ip
       ospf
       rip
       tcp
       udp

       A list of supported options for each protocol is displayed by supplying a protocol name on the
       command line followed by the option "help" (eg: nemesis ethernet help).

       The  manual for each protocol is displayed by supplying a protocol name on the command line followed
       by the option "man" (eg: nemesis ethernet man).

Below is the usage of the ICMP part:

QUOTE:

NEMESIS-ICMP(1)                                                                             NEMESIS-ICMP(1)

NAME

       nemesis-icmp - ICMP Protocol (The Nemesis Project)

SYNOPSIS

       nemesis-icmp  [-vZ?]  [-a  ICMP-timestamp-request-reply-transmit-time ] [-b original-destination-IP-
       address ] [-B original-source-IP-address ] [-c ICMP-code ] [-d Ethernet-device ] [-D destination-IP-
       address  ]  [-e ICMP-ID ] [-f original-IP-fragmentation ] [-F fragmentation-options ] [-G preferred-
       gateway ] [-H source-MAC-address ] [-i ICMP-type ] [-I IP-ID ] [-j original-IP-TOS ]  [-J  original-
       IP-TTL  ]  [-l  original-IP-options-file  ]  [-m ICMP-mask ] [-M destination-MAC-address ] [-o ICMP-
       timestamp-request-transmit-time ] [-O IP-options-file ] [-p original-IP-protocol ] [-P  payload-file
       ] [-q ICMP-injection-mode ] [-r ICMP-timestamp-request-reply-received-time ] [-S source-IP-address ]
       [-t IP-TOS ] [-T IP-TTL ]

DESCRIPTION

       The Nemesis Project is designed to be a command line-based, portable human IP  stack  for  UNIX-like
       and Windows systems.  The suite is broken down by protocol, and should allow for useful scripting of
       injected packets from simple shell scripts.

       nemesis-icmp provides an interface to craft and inject ICMP packets allowing the user to specify any
       portion of an ICMP packet as well as lower-level IP packet information.

ICMP Options

       -c ICMP-type
              Specify the ICMP-code within the ICMP header.

       -e ICMP-ID

              Specify the ICMP-ID within the ICMP header.

       -G preferred-gateway

              Specify the preferred-gateway-IP-address for ICMP redirect injection.

       -i ICMP-type

              Specify the ICMP-type within the ICMP header.

       -m address-mask

              Specify the IP-address-mask for ICMP address mask packets.

       -P payload-file

              This  will  cause nemesis-icmp to use the specified payload-file as the payload when injecting
              ICMP packets.  For packets injected using the raw interface (where -d is not used), the
              maximum  payload size is 65387 bytes.  For packets injected using the link layer interface
              (where -d IS used), the maximum payload size is 1352 bytes.  Payloads can also be read from
              stdin by specifying '-P -' instead of a payload file.

              Windows systems are limited to a maximum payload size of 1352 bytes for ICMP packets.

       -q ICMP-injection-mode

              Specify the ICMP-injection-mode to use when injecting.  Valid modes are:

              -qE (ICMP echo)

              -qM (ICMP address mask)
              -qU (ICMP unreachable)
              -qX (ICMP time exceeded)
              -qR (ICMP redirect)
              -qT (ICMP timestamp)

              Only one mode may be specified at a time.

       -s ICMP-sequence-number

              Specify the ICMP-sequence-number within the ICMP header.

       -v verbose-mode

              Display  the  injected  packet  in  human  readable  form.  Use twice to see a hexdump of the
              injected packet.

ICMP TIMESTAMP OPTIONS

       -a ICMP-timestamp-request-reply-transmit-time
              Specify the ICMP-timestamp-request-reply-transmit-time (the time a reply to an ICMP timestamp
              request was transmitted) within the ICMP timestamp header.

       -o ICMP-timestamp-request-transmit-time

              Specify  the  ICMP-timestamp-request-transmit-time  (the  time  an ICMP timestamp request was
              transmitted) within the ICMP timestamp header.

       -r ICMP-timestamp-request-reply-received-time

              Specify the ICMP-timestamp-request-reply-received-time (the time a reply to an ICMP timestamp
              request was received) within the ICMP timestamp header.

ICMP ORIGINAL DATAGRAM OPTIONS

       -b original-destination-IP-address
              Specify  the  original-destination-IP-address  within  an  ICMP unreachable, redirect or time
              exceeded packet.

       -B original-source-IP-address

              Specify the original-source-IP-address within an ICMP unreachable, redirect or time  exceeded
              packet.

       -f original-fragmentation-options

              Specify  the  original-IP-fragmentation-options  within an ICMP unreachable, redirect or time
              exceeded packet.  For more information reference the '-F' command line switch.

       -j original-IP-TOS

              Specify the original-IP-type-of-service (TOS) within an ICMP unreachable,  redirect  or  time
              exceeded packet.

       -J original-IP-TTL

              Specify  the  original-IP-time-to-live  (TTL)  within  an  ICMP unreachable, redirect or time
              exceeded packet.

       -l original-IP-options-file

              This will cause nemesis-icmp to use the specified  original-IP-options-file  as  the  options
              when  building  the  original  IP  header for the injected ICMP unreachable, redirect or time
              exceeded packet.  IP options can be up to 40 bytes in length.  The IP options  file  must  be
              created  manually  based upon the desired options.  IP options can also be read from stdin by
              specifying '-O -' instead of an IP-options-file.

       -p original-IP-protocol

              Specify the original-IP-protocol within an ICMP unreachable, redirect or time exceeded packet.

IP OPTIONS

       -D destination-IP-address
              Specify the destination-IP-address within the IP header.

       -F fragmentation-options (-F[D],[M],[R],[offset])

              Specify the fragmentation options:

              -FD (don't fragment)

              -FM (more fragments)
              -FR (reserved flag)
              -F <offset>

              within  the  IP  header.   IP fragmentation options can be specified individually or combined
              into a single argument to the -F command line switch by separating the  options  with  commas
              (eg.  '-FD,M') or spaces (eg. '-FM 223').  The IP fragmentation offset is a 13-bit field with
              valid values from 0 to 8189.  Don't fragment (DF), more fragments (MF) and the reserved  flag
              (RESERVED or RB) are 1-bit fields.

              NOTE: Under normal conditions, the reserved flag is unset.

       -I IP-ID

              Specify the IP-ID within the IP header.

       -O IP-options-file

              This  will cause nemesis-icmp to use the specified IP-options-file as the options when
              building the IP header for the injected packet.  IP options can be up to 40 bytes in length.
              The IP options file must be created manually based upon the desired options.  IP options can
              also be read from stdin by specifying '-O -' instead of an IP-options-file.

       -S source-IP-address

              Specify the source-IP-address within the IP header.

       -t IP-TOS

              Specify the IP-type-of-service (TOS) within the IP header.  Valid type of service values:

              2  (Minimize monetary cost)

              4  (Maximize reliability)
              8  (Maximize throughput)
              24 (Minimize delay)

              NOTE: Under normal conditions, only one type of service is set within a packet.   To  specify
              multiple types, specify the sum of the desired values as the type of service.

       -T IP-TTL
              IP-time-to-live (TTL) within the IP header.

DATA LINK OPTIONS

       -d Ethernet-device
              Specify the name (for UNIX-like systems) or the number (for Windows systems) of the Ethernet-
              device to use (eg. fxp0, eth0, hme0, 1).

       -H source-MAC-address

              Specify the source-MAC-address (XX:XX:XX:XX:XX:XX).

       -M destination-MAC-address

              Specify the destination-MAC-address (XX:XX:XX:XX:XX:XX).

       -Z list-network-interfaces

              Lists the available network interfaces by number for use in link-layer injection.

              NOTE: This feature is only relevant to Windows systems.


DIAGNOSTICS

       Nemesis-icmp returns 0 on a successful exit, 1 if it exits on an error.

BUGS

       Send concise and clearly written bug reports to

AUTHOR

       Jeff Nathan <>

       Originally   developed  by  Mark  Grimes  <>

SEE ALSO

       nemesis-arp(1),  nemesis-dns(1),  nemesis-ethernet(1),  nemesis-igmp(1),   nemesis-ip(1),
       nemesis-ospf(1), nemesis-rip(1), nemesis-tcp(1), nemesis-udp(1)
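
The following Python code is an added example, not part of the man page or of the Nemesis project. It decodes the IP fragmentation field and the ICMP header that the options above control, and lists values the man page itself describes as unusual (the reserved flag) or that do not fit a genuine ICMP error (an embedded original datagram that the recipient never sent). The function names and both sample packets are constructed for illustration.

```python
import struct

# ICMP types behind the -q injection modes (values from RFC 792 / RFC 950).
ICMP_TYPES = {0: "echo reply", 3: "unreachable", 5: "redirect", 8: "echo",
              11: "time exceeded", 13: "timestamp", 14: "timestamp reply",
              17: "address mask", 18: "address mask reply"}
ERROR_TYPES = {3, 5, 11}  # these embed the original datagram header (-b/-B/-f/-j/-J)

def parse_ipv4(buf):
    """Decode the IPv4 header fields that -S/-D/-t/-T/-F control."""
    if len(buf) < 20:
        raise ValueError("truncated IPv4 header")
    vihl, tos, _len, _id, frag, ttl, proto, _sum, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", buf[:20])
    ihl = (vihl & 0x0F) * 4
    if vihl >> 4 != 4 or ihl < 20 or len(buf) < ihl:
        raise ValueError("bad IPv4 version or header length")
    return {"ihl": ihl, "tos": tos, "ttl": ttl, "proto": proto,
            "rf": bool(frag & 0x8000), "df": bool(frag & 0x4000),
            "mf": bool(frag & 0x2000), "offset": frag & 0x1FFF,  # 13-bit field
            "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst))}

def inspect_icmp(packet):
    """Return (icmp_type_name, findings) for one raw IPv4 packet."""
    ip, findings = parse_ipv4(packet), []
    if ip["rf"]:
        findings.append("reserved IP flag set")
    if ip["df"] and (ip["mf"] or ip["offset"]):
        findings.append("DF set on a fragment")
    body = packet[ip["ihl"]:]
    if ip["proto"] != 1 or ip["offset"] or len(body) < 8:
        return None, findings  # no complete ICMP header to decode
    icmp_type = body[0]
    if icmp_type == 5:
        findings.append("redirect to gateway " + ".".join(map(str, body[4:8])))
    if icmp_type in ERROR_TYPES:
        try:
            inner = parse_ipv4(body[8:])
        except ValueError:
            findings.append("no valid original datagram header")
        else:
            # A real error goes back to whoever sent the original datagram.
            if inner["src"] != ip["dst"]:
                findings.append(f"original source {inner['src']} is not the recipient {ip['dst']}")
    return ICMP_TYPES.get(icmp_type, "type %d" % icmp_type), findings

# Constructed samples (documentation addresses; checksums are not verified).
ECHO = bytes.fromhex("4500001c000100004001 0000 c0000201 c0000202 0800f7ff00000000")
REDIRECT = bytes.fromhex("45000038000280004001 0000 c00002fe c0000202 05010000c0000263"
                         "4500001c000300004011 0000 c6336407 cb007109 0000000000000000")
```

`inspect_icmp(ECHO)` returns no findings, while `inspect_icmp(REDIRECT)` reports the reserved flag, the advertised gateway and the mismatched original source.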


Reposted from: http://ienfb.baihongyu.com/
