Wednesday, May 2, 2012
epb - Ethernet Package Bombardier
EPB HAS NEW WEBSITE HERE
What is epb:
The man page for version 1.6rc is online and answers this question in detail.
Epb is a tool for sending customized Ethernet packets. A packet is specified in a text file. No GUI is offered, but few libraries are needed, and the code is easy to understand. Originally epb was intended just to be a simple way to quickly send a single custom packet to the network. Now it can also be used to:
-generate a sequence of packets (similar human-readable packet format)
-send a packet sequence captured using libpcap/pcapng (tcpdump, wireshark,...), snoop (SUN's packet sniffer) or netmon (Microsoft's sniffer for Windows - currently only versions 1 and 2 supported)
-select packets from pcap/snoop files based on src/dst mac address or ethernet header's ethertype field.
20.12.2012 v1.6 - package has limited support for sending/converting pcapng files
epb 1.6 (Energy Saving Led Light Sabre) is available for download as tarball
XX.08.2012 Experimental 1.5_2 package supports converting pcap files to the editable epb2 text format, allowing modifications to a pcap trace before resending it.
Experimental 1.5_2 (Really Incoherent Laser) is available for download as tarball
18.07.2012 Epb 1.5 provides support for netmon and (better) stripping pcap+snoop files.
Epb 1.5 (Incoherent Laser) is available as tarball. This version can also read and send snoop (SUN's sniffer format) and cap files (versions 1 and 2 of Microsoft's NetMon files). Stripping packets can now be done for the snoop format too. Furthermore, it is now possible to select packets based on the Ethernet header's ether type field.
13.07.2012 - epb version 1.4 (Two Handed Scissors) is there for testing.
After two days of coding like... well... me there is experimental pcap format support. 1.4 version allows you to send packets using pcap file. You can for example send packets captured using tcpdump or wireshark. Epb also includes support for stripping only packages sent from/to certain mac address. 1.4 is available for testing as a tarball.
11.07.2012 - epb version 1.3 (Cold Fusion Bomb) is out! This version adds support for epb file format 2 - allowing epb to be used for sending sequence of packages. Note that 1.3 has gone through some major changes, and I am expecting few bugs to be included... Please please please, let me know if you encounter problems. File format version 2 is explained in version 1.3 man pages. Also there is example file in epb 1.3 tarball. Text below describes version 1 format (which is still supported though).
A packet is specified in a text file, in the format <datatype>:<value>, one item per row.
Possible datatypes are u8, i8, u16, i16, u32, i32, u64 and i64, meaning either signed (i) or unsigned (u) values.
The numeric part of the datatype tells the width of the value in bits. A colon (:) separates the data type and value fields. The value is given as a number, defaulting to a base 10 integer. However, if the value is prefixed with 0x, it is interpreted as hexadecimal. Lines beginning with a hash mark (#) are interpreted as comments. There are a few example files in the examplepackets directory.
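The version 1 format described above, turned into bytes by an added example parser in C (not code from epb itself; the names epb1_row, epb1_encode and EPB1_SAMPLE are hypothetical). It assumes big-endian output and rejects values that do not fit the declared width, neither of which is stated on this page.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample (not from the epb tarball): 6-byte MAC, EtherType, one signed byte. */
static const char EPB1_SAMPLE[] = "# constructed\nu16:0x0200\nu32:1\nu16:0x0800\ni8:-1\n";

/* Encode the "<datatype>:<value>" row at the start of row. Returns bytes written,
 * 0 for a blank or comment row, -1 if malformed. Big-endian output is an assumption. */
int epb1_row(const char *row, uint8_t *out, size_t room)
{
    char *end;
    uint64_t raw;
    if (row[0] == '#' || row[0] == '\n' || row[0] == '\0') return 0;
    if ((row[0] != 'u' && row[0] != 'i') || row[1] < '1' || row[1] > '8') return -1;
    long bits = strtol(row + 1, &end, 10);
    if (*end != ':' || (bits != 8 && bits != 16 && bits != 32 && bits != 64)) return -1;
    if (room < (size_t)bits / 8) return -1;           /* output buffer too small */
    const char *val = end + 1;
    if (val[0] != '-' && (val[0] < '0' || val[0] > '9')) return -1;
    int base = (val[0] == '0' && (val[1] | 0x20) == 'x') ? 16 : 10; /* 0x => hex, else base 10 */
    errno = 0;
    if (row[0] == 'u') {
        if (val[0] == '-') return -1;                 /* strtoull would silently wrap */
        raw = strtoull(val, &end, base);
        if (bits < 64 && raw >> bits) return -1;      /* wider than the declared type */
    } else {
        long long s = strtoll(val, &end, base);
        long long lim = 1LL << (bits < 64 ? bits - 1 : 62);
        if (bits < 64 && (s < -lim || s >= lim)) return -1;
        raw = (uint64_t)s;                            /* two's complement bit pattern */
    }
    if (errno || end == val || (*end != '\0' && *end != '\n')) return -1;
    for (long i = 0; i < bits / 8; i++)               /* most significant byte first */
        out[i] = (uint8_t)(raw >> (8 * (bits / 8 - 1 - i)));
    return (int)(bits / 8);
}

/* Encode a whole version 1 description; returns the byte count or -1. */
int epb1_encode(const char *text, uint8_t *out, size_t room)
{
    int total = 0, w;
    for (; *text; text += strcspn(text, "\n"), text += (*text == '\n'), total += w)
        if ((w = epb1_row(text, out + total, room - (size_t)total)) < 0) return -1;
    return total;
}
```

Note that a value such as 010 is read as decimal ten, matching the base 10 default above, rather than as C-style octal.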
epb 1.6 tarball limited pcapng support. (sending and converting to epb2)
epb 1.5 tarball snoop and netmon 1 & 2 file format support + stripping packet from snoop and pcap captures based on mac addresses or ether type
epb 1.4 tarball experimental pcap (libpcap) file format support
epb 1.3 tarball
epb 1.2 tarball.
epb 1.5_2 tarball experimental support to convert pcap files to plain text epb2 format (makes editing traces easier)
Tarballs include sources, manpages and static binaries for x86.
Go to the folder where the Makefile is located and type
sudo make install
Now the command epb -h should give you quick help, and man epb should display the man pages.
Obtain current development sources from svn repository by typing
svn checkout http://xp-dev.com/svn/epb/trunk
Man page for development version 1.6 is also available online at http://maz-programmersdiary.blogspot.fi/2012/06/man-pages-for-epb.html
I am running out of ideas for further epb development. I guess a converter to convert binary traces to easily modified epb v2 plain text format is my next addition.
Some version history:
1.6 Energy Saving Led Light Sabre
- Limited support for sending (or converting to text) the pcapng traces.
1.5_2 Really Incoherent Laser
- Support for converting pcap traces to epb2 format for editing before send.
1.5 Incoherent Laser
- man pages updated
- further refactored code
- stripping of snoop files
- --strip-ether-type option to select packets based on ether type.
1.5 beta
- man page update
- snoop (SUN's sniffer) file format
- NetMon version 1 and 2 file format (MS NetMon)
1.4 Two Handed Scissors
- man page update
- pcap (libpcap) file format support.
- pcap file stripper.
- almost total redesign for parsers. More modular structure easing adding different file parsers
1.3 Cold Fusion Bomb:
- man pages updated
- icmp6 echo example using epb file format version 2
- Added possibility to generate sequence of different packets (epb file format v2)
- Added possibility to specify packets from stdin.
- Added long options.
- refactored code and decreased memory usage.
1.2 (Rubber Bullet)
- environment checks
- forced compiling to be 32 bit
1.1 (Bladeless Dagger)
- Fixed IPv4 detection bug when 802.1q VLAN tagging is used
- Fixed IPv4 detection bug when endianness conversion was not done.
- Removed unnecessary debugprints
- added -m flag for using real mac address
- added -c flag for not touching the checksum even if it was 0
- man page update
1.0 (Overweight Ninja)
- added -e flag to maintain endianness.
- fixed some print issues
- fixed command line param parsing (no order requirements)
- changed binary name to epb
0.3 (Blind Sniper)
- IP target usage fixed
- safer default interval
- updated DO_NOT_READ_ME.txt
0.2 (Singlefire Sergei)
- removed unnecessary commandline parameters
- added -w option
- *nix style params
0.1 (Barely Flying Fortress)
- Initial release.