Rubyforger 0.03 review
Rubyforger is a raw packet manipulation tool. Rubyforger allows you to easily send, receive, and modify Ethernet, ARP, IP, TCP, UDP, and ICMP packets.
Creating and modifying packets is easily done by adding layers and changing their parameters.
Visualforge is a GUI packet crafter based on Rubyforger: create, send, and receive packets and export the Ruby code in just a few clicks.
Rubyforger currently understands these protocols:
* Ethernet
* ARP
* IP
* UDP
* TCP
* ICMP
Rubyforger works by assembling packets at different layers. For example, to ping a machine, you assemble an IP packet and an ICMP packet. You can also choose to craft the layer 2 packet yourself; in that case you assemble an Ethernet, an IP and an ICMP packet. If you wish to attach a payload to your packet, just add a string to it.
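To show what that layering means on the wire, here is an added example in plain Ruby (it is not Rubyforger code and calls none of its API): it stacks a minimal IPv4 header, an ICMP echo request and a string payload into raw bytes, then splits the result back into layers and verifies both checksums. The helper names and the 192.0.2.x documentation addresses are constructed for this illustration.

```ruby
require 'ipaddr'

# RFC 1071 Internet checksum: one's-complement sum of 16-bit big-endian words.
def inet_checksum(bytes)
  bytes += "\x00".b if bytes.bytesize.odd?   # pad to a whole 16-bit word
  sum = bytes.unpack('n*').sum
  sum = (sum & 0xffff) + (sum >> 16) while sum > 0xffff
  ~sum & 0xffff
end

# ICMP echo request (type 8, code 0) with the payload string appended.
def icmp_echo(id, seq, payload)
  body = payload.b
  csum = inet_checksum([8, 0, 0, id, seq].pack('CCnnn') + body)
  [8, 0, csum, id, seq].pack('CCnnn') + body
end

# Minimal 20-byte IPv4 header (no options) placed under an upper-layer packet.
def ipv4(src, dst, proto, upper)
  fields = [0x45, 0, 20 + upper.bytesize, 0, 0, 64, proto, 0,
            IPAddr.new(src).to_i, IPAddr.new(dst).to_i]
  fields[7] = inet_checksum(fields.pack('CCnnnCCnNN'))
  fields.pack('CCnnnCCnNN') + upper
end

# Split a raw IPv4/ICMP packet back into its layers. A checksum computed
# over data that already contains a correct checksum comes out as zero.
def split_layers(raw)
  ihl   = (raw.getbyte(0) & 0x0f) * 4
  total = raw[2, 2].unpack1('n')
  icmp  = raw[ihl...total]
  type, code, _csum, id, seq = icmp.unpack('CCnnn')
  { ip_ok: inet_checksum(raw[0, ihl]).zero?, proto: raw.getbyte(9),
    icmp_ok: inet_checksum(icmp).zero?, type: type, code: code,
    id: id, seq: seq, payload: icmp[8..-1] }
end

# Constructed sample: addresses from the TEST-NET-1 documentation range.
PKT = ipv4('192.0.2.1', '192.0.2.2', 1, icmp_echo(0x1234, 1, 'hello'))

if __FILE__ == $PROGRAM_NAME
  puts PKT.unpack1('H*')
  p split_layers(PKT)
end
```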
The packets support several operations:
* + : the "add" operation, used to assemble packets
  example: p = IpPkt.new("dst"=>$DST)+IcmpPkt.new
* head! : returns the packet without its upper layer
* queue! : returns the packet without its under layer
* getlayer(l) : returns the packet corresponding to layer l. l can be a number or a name, such as "Tcp"
* to_s : returns a string describing the values of the packet's fields
* print : prints the description of the packet's fields
* to_code : returns the Ruby code corresponding to the packet
* send : sends the packet over the network
* sr : sends the packet and returns the replies
* dup : the usual Ruby dup function, which duplicates an object
HOW TO USE IT?
Use the init function to set up the correct interface.
Then use rubyforger.rb in your own Ruby script by doing:

    require 'rubyforger.rb'

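EXAMPLES:
First, a simple ping:

    require 'rubyforger.rb'
    $DST = gethostbyname("host")
    # Assemble an IP packet and an ICMP packet
    p = IpPkt.new("dst"=>$DST)+IcmpPkt.new
    # Send it and collect the reply
    a = p.sr
    puts "PONG" if (a.getlayer("Icmp").code == $ICMP_ECHOREPLY)

Now a port scanner:

    require 'rubyforger.rb'
    $DST = gethostbyname("host")
    p = IpPkt.new("dst"=>$DST)+TcpPkt.new
    79.upto(82) do |i| # scan range 79-82
      # Reuse the same packet, changing only the destination port
      p.getlayer("Tcp").dport = i
      a = p.sr
      # A SYN/ACK reply means the port is open
      if a.getlayer("Tcp").flags == ($TCP_SYN|$TCP_ACK)
        puts "port #{i} open"
      else
        puts "port #{i} closed"
      end
    end
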
Requirements:
Ruby
Ruby Pcap
What's New in This Release:
The GUI was rewritten.