Skip to content

Small TCP dumb C analyzer, sorts types of packets, and outputs data about certain packets found in TCP dump files. It can also re play an attack.

Notifications You must be signed in to change notification settings

amanelis/3-way-handshake

Repository files navigation

C TCP Dump Log Analyzer
Written by Alex Manelis <[email protected]>

Description:
This project reads in a TCP dump file. It analyzes it, and 
sorts throught types of packets. Using this it can take this
data to create a three way handshake with a victim machine.

parse.c - 
This was the original attempt at trying to read the packets
and information. Its implementation is not as effective as 
wanted considering I am doing multiple reads. This is why 
the second implementation is the real working one. 

parse_lab.c -
This file correctly reads the data and stores to a buffer.
Working on implementing a packet manipulation function that
will then send out manipulated packets on network. Does not
properly resend packets to make three way hand shake.

driver.c -
This file properly sends packets to network. Working on 
confirming the three way handshake


Dependencies -
1.) ldnet
2.) lpcap
3.) tcpdump, w/ dump file
4.) bit-twist (not implemented yet, in future)

INSTALL & RUNNING -
$>make driver
$>./driver [network log file] [config file]

In the logs/ dir, I have included some TCP dump files you can
demo your executables on. I would try:

$>./driver logs/syn.64.log logs/cfg.alex

PACKETS DIR
This directory was used to generate packets using the program
bit-twist. As for my packet manipulation that is the next library
I will be including in this application.

Demo invocation: 
./driver logs/syn.64.log logs/cfg.alex

About

Small TCP dumb C analyzer, sorts types of packets, and outputs data about certain packets found in TCP dump files. It can also re play an attack.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages