samorlando / fakeroute Goto Github PK

This code is a fakeroute program written by Julian Assange in 1996. Found it in a pile of old emails I had, so here it is. Wanted to perserve it for history I guess. UPDATE: Rotorouter was part of FreeBSD and has been lost really to time.

Now for the ChatGPT breakdown... It aims to simulate traceroute responses by sending ICMP packets with spoofed information to mimic the appearance of a network route. Below is a detailed breakdown and explanation of the code:

1. Configuration File:

   • The configuration file (default named "hops") contains tuples specifying the destination IP, hop count, fake router IP, and latency in milliseconds.

2. Libraries and Definitions:

   • The code includes necessary libraries for network programming and packet capturing such as pcap.h, netinet/in.h, netinet/ip.h, and others.
   • Definitions for boolean values and endian bug handling are also included.

3. Global Variables:

   • Various global variables are declared for pcap handling, raw socket, and configuration parameters such as timeout and verbosity.

1. struct hop:

   • This structure represents a hop with attributes like destination IP, hop IP, latency, and TTL.

2. struct udp_state:

   • This structure keeps track of UDP state information including source and destination IPs, source port, and the time of the last packet.

1. pexit and eexit:

   • Utility functions to handle errors and exit the program with a message.

2. xmalloc:

   • A wrapper around malloc to allocate memory and handle allocation failure.

3. fast_icmp_cksum:

   • Computes the checksum for ICMP packets.

4. lookup_printer:

   • Looks up and returns the appropriate printer function based on the data link type.

5. open_pcap:

   • Opens a pcap session for packet capturing with the specified device, promiscuous mode, filter, and timeout.

6. ether_if_print and ppp_if_print:

   • These functions process packets captured on Ethernet and PPP interfaces, respectively, and pass them to the analyze_udp function.

7. find_hop:

   • Finds and returns the hop information for a given destination IP and TTL.

8. icmp_reply:

   • Crafts and sends an ICMP reply based on the captured packet and hop information.

9. analyze_udp:

   • Analyzes UDP packets to determine if they match any configured hops, then generates and sends ICMP replies if necessary.

10. open_raw:

    • Opens a raw socket for sending custom ICMP packets.

11. populate_hops:

    • Reads the configuration file and populates the list of hops with destination IPs, hop IPs, TTLs, and latencies.

12. usage:

    • Displays usage information and exits the program.

• The main function processes command-line arguments to set various parameters such as interface, promiscuous mode, hops file, usec, max TTL, timeout, and verbosity.
• It calls populate_hops to load the hop configuration, open_pcap to start packet capturing, and lookup_printer to get the appropriate printer function.
• Finally, it enters a packet capturing loop (pcap_loop) to continuously process packets.

To run the program, you might use a command like:

fakeroute -i eth0 -h my_hops_file -u 100 -t 5 -n 300 -v

• -i eth0: Use the eth0 network interface.
• -h my_hops_file: Use my_hops_file for hop configuration.
• -u 100: Set the timeout for pcap reads to 100 microseconds.
• -t 5: Set the maximum TTL to 5.
• -n 300: Set the timeout for UDP state entries to 300 seconds.
• -v: Increase verbosity.

The fakeroute program is a sophisticated tool for simulating network routes and responses, useful for testing and security research. It involves capturing UDP packets, identifying specific routes based on predefined configurations, and sending crafted ICMP replies to mimic a real traceroute.