project: ettercap NG (0.7.0)

it is not yet released, but will use libnet 1.1.2.
the current version (0.6.x) does not use libnet.

bye

Throwing together quick fuzzers.

I do!

I use libnet in guessnet. The purpose of guessnet is to try some more
tricks to properly configure the network when DCHP isn't around.

libnet is used to create ARP probes to look for known machines in the
local network. I intend to use libnet1 (when it will work on
unconfigured interfaces) to also send DHCP probes.

I've also started an experimental tool, part of guessnet, that tries to
infer a suitable network configuration by looking at sniffed packets.
That tool uses libnet to send out ARP packets to see which addresses are
local and which are not. I'll shortly be looking for people submitting
ideas (and possibly working code) to it.

I only use packet construction and link-layer injection. I then use
libpcap to pickup network traffic.

I have threads that build a probe once, and then send it out at regular
intervals. It's very handy for me to build a packet, save it on a
buffer and toss that buffer into the network as many times as needed.

I'm having problems doing it with libnet1, as I can't find out a proper,
documented way to deallocate the result of libnet_adv_cull_packet.

I really love being able to use libnet, so that I don't have to worry
too much about system-specific issues of packet-injection, nor about the
error-prone bit-mangling of packet creation. I was really looking
forward to have DHCP packet construction around, and I've been happy
when I saw it in libnet1.

I'm not pestering you to release a fixed libnet1 only because I have
submission deadline for my graduation thesis on march, 10. After march,
25, expect more news from me :-)


Ciao,

Enrico

--
GPG key: 1024D/797EBFAB 2000-12-05 Enrico Zini <***@debian.org>

We're using an older version in a network simulation/deployment tool
called nsclick:

http://systems.cs.colorado.edu/index.php?id=13

-Michael Neufeld

Tcpreplay. Mostly for portable layer2 packet injection, but I also make
heavy use of libnet's TCP/IP/ethernet etc data structures and "internal"
functions for calculating checksums.

I also use libnet as part of my toolkit for writing quick, simple tools
at work for security testing purposes.

this is what i have been upto with libnet - The Gobbler - dhcp auditor
+ exploiter (man in the middle and IP exhaustion), spoofed host creation
(via arp replies and/or dhcp), portscan from spoofed host (works on an
interface with no assigned IP... or will do when 1.1.2 is released :P ),
OS detection (nmap, port 0, dhcp) and basic banner grabbing, arp scanner,
traceroute and ping from spoofed host, and finaly extreamly basic web
browsing from spoofed host.... all thanks to the joys of libnet ;) ;)

the version on http://networkpenetraion.com is borked atm... awaiting
1.1.2 :P

keep up the good work


cheers
Ste Jones
Network Penetration
NetworkPenetration.com
--

Hello,
Libnet is used in netwib/netwox for :
- Ethernet/MAC spoofing
- IP/raw spoofing
None of the packet creation functions are used. Libnet was
choosen because it supports several platforms, and it's
commonly available in distribution packages.

Netwib is a network library. It also uses libpcap/WinPCAP.
It can be seen as an upper layer to libnet and libpcap. It's
interfaces are not sufficiently stable to be integrated in
big projects, and is mainly conceived for netwox.

Toolbox netwox helps to find and solve network problems.
It provides more than 150 tools :
- sniff, spoof
- tcp/udp clients/servers
- DNS, FTP, HTTP, IRC, NNTP, SMTP, TELNET
- scan, ping, traceroute
- etc.
A graphical front end netwag is available for first time users.

They were successfully installed under Linux, FreeBSD,
NetBSD, OpenBSD, MacOS, Solaris, HP-UX and Windows.

You can read more about those 3 projects and download them at :
http://www.laurentconstantin.com/en/netw/
http://laurentconstantin.free.fr/en/netw/

Regards,
Laurent Constantin
--
***@aql.fr [principal/main]
http://www.laurentconstantin.com/ [principal/main]
***@free.fr [secondaire/backup]
http://go.to/laurentconstantin/ [secondaire/backup]
http://laurentconstantin.est-la.com/ [secondaire/backup]

************************************************************
The contents of this email and any attachments are
confidential. They are intended for the named recipient(s)
only.
If you have received this email in error please notify the
system manager or the sender immediately and do not disclose
the contents to anyone or make copies.

* email scanned for viruses, vandals and malicious content *
************************************************************

I started with libnet quite a while back. I thought I had a pretty good
grasp on TCP/IP and all manner of things, but I'm a hands-on kind of
guy. So I started toying with Net::RawIP to craft packets, but I was
only moderately pleased with its abilities. Shortly thereafter I
stumbled upon libnet, which seemed to be fairly robust, in active
development, and in use by quite a few people. I quickly learned how
things do an don't work in the world of networking, mostly thanks to
libnet.

So, what do I use it for specifically? I wrote a bunch of simple tools
for crafting various types of packets. Honestly these started out as
mere "practice" programs to get myself familiar with libnet, but they've
come quite a way. They aren't the prettiest, but they work and I keep
copies of the binaries and the source on all my systems:
http://spoofed.org/files/. I also find libnet simple enough such that
if I have a particular protocol or service that I don't understand, or a
particular implementation that I suspect is misbehaving, I can quickly
hack something together to speak that protocol. Simple enough to allow
quick hacking and prototyping, yet robust enough to do damn near
whatever you can dream up.

-jon

Sorry about the late reply, I forgot to go through some folders here.

arping.
http://www.habets.pp.se/synscan/programs.php?prog=arping
Just been ported to Windows. Whop-tee-doo.

And for the record. I'm bothered by resolving returning -1 on error. :-)

---------
typedef struct me_s {
char name[] = { "Thomas Habets" };
char email[] = { "***@habets.pp.se" };
char kernel[] = { "Linux" };
char *pgpKey[] = { "http://www.habets.pp.se/pubkey.txt" };
char pgp[] = { "A8A3 D1DD 4AE0 8467 7FDE 0945 286A E90A AD48 E854" };
char coolcmd[] = { "echo '. ./_&. ./_'>_;. ./_" };
} me_t;