nemesis v1.8 releases: command-line network packet crafting and injection utility

by do son · Published · Updated

nemesis

N E M E S I S – TCP/IP Packet Injection

The Nemesis Project is designed to be a command-line-based, portable human IP stack for UNIX-like and Windows systems. The suite is broken down by protocol and should allow for useful scripting of injected packets from simple shell scripts.

Key Features

  • ARP/RARP, DNS, ETHERNET, ICMP, IGMP, IP, OSPF, RIP, TCP, and UDP protocol support
  • Layer 2 or Layer 3 injection on UNIX-like systems
  • Layer 2 injection (only) on Windows systems
  • Packet payload from a file
  • IP and TCP options from a file
  • Tested on OpenBSD, Linux, Solaris, Mac OS X, and Windows 2000

Each supported protocol uses its own protocol “injector” which is accompanied by a man page explaining its functionality.

Consult the ChangeLog for release details, and the documentation for each protocol injector for in-depth descriptions of the available functionality.

Changelog v1.8

Changes

  • Add automatic IP multicast group to MAC multicast address translation
  • Improved usability for composing IGMPv3 reports:
    • Default to 224.0.0.2 for IGMPv3 report type
    • Add -n NUM to control the number of group records

Fixes

  • Fix IGMP v2 join example in README
  • Fix logic for printing DNS protocol: TCP/UDP, by Brett Kuskie
  • Fix #12: allow 0.0.0.0 as RIP address
  • Fix #13: multiple definitions of variables, by Brett Kuskie

Install

git clone https://github.com/troglobit/inadyn.git
cd inadyn/
./autogen.sh
./configure && make

Usage

Examples

  • Inject malformed ICMP redirect 
     sudo nemesis icmp -S 10.10.10.3 -D 10.10.10.1 -G 10.10.10.3 -i 5
  • IGMP v2 join for group 239.186.39.5 
     sudo nemesis igmp -v -p 22 -S 192.168.1.20 -i 239.186.39.5 -D 239.186.39.5
  • IGMP v2 query, max resp. time 10 sec, with Router Alert IP option 
     echo -ne '\x94\x04\x00\x00' >RA
sudo nemesis igmp -v -p 0x11 -c 100 -D 224.0.0.1 -O RA

    or

     echo -ne '\x94\x04\x00\x00' | sudo nemesis igmp -v -p 0x11 -c 100 -D 224.0.0.1 -O -
  • IGMP v3 query, with Router Alert IP option 
     echo -ne '\x03\x64\x00\x00' > v3
sudo nemesis igmp -p 0x11 -c 100 -i 0.0.0.0 -P v3 -D 224.0.0.1 -O RA
  • Random TCP packet 
     sudo nemesis tcp
  • DoS and DDoS testing 
    sudo nemesis tcp -v -S 192.168.1.1 -D 192.168.2.2 -fSA -y 22 -P foo
sudo nemesis udp -v -S 10.11.12.13 -D 10.1.1.2 -x 11111 -y 53 -P bindpkt
sudo nemesis icmp redirect -S 10.10.10.3 -D 10.10.10.1 -G 10.10.10.3 -qR
sudo nemesis arp -v -d ne0 -H 0:1:2:3:4:5 -S 10.11.30.5 -D 10.10.15.1

Copyright (C) 1999, 2000, 2001 Mark Grimes <mark@stateful.net>
Copyright (C) 2001 – 2005 Jeff Nathan <jeff@snort.org>
All rights reserved.

Source: https://github.com/troglobit/

Tags: nemesis